We've been looking at the possibility of using the Kinetis ROM bootloader (on MKL27Z4) as part of the user (post-shipping) firmware update process via USB; however, from what we can tell, it doesn't seem it would be a viable option for us if we're interested in securing the flash.
The main issue we would hit is that once flash has been configured as secure, it seems that making any update via the ROM bootloader would require a full erase (of absolutely all flash). This would mean that any 'factory' data stored in flash would be lost (the PC side updater app could potentially request and cache that data before switching the target to ROM bootloader mode, but the process could be interrupted and the data lost).
Is that understanding correct? If so, it would seem to mean that the ROM bootloader fundamentally can't be part of a secure firmware update process (where no other secure data storage is available).