I am studying the security boot in S324146. I found these resource about security boot,
- Getting Started with CSEc Security Module AN5401 AN5401SW
Basically, the procedure to enable security boot is like this,
1. Execute program partition command in RAM(only take effect after next reset)
3. Program MASTER_ECU_KEY,BOOT_MAC_KEY and other user keys
4. Define the secure boot flavor and the BOOT_SIZE using CMD_BOOT_DEFINE command
5. Program code to be security boot protected
6. Program BOOT_MAC
a. Automatically: Power on reset. The CSEc calculates BOOT_MAC and stores it in secure memory slot
b. Manually: using another program(runing in RAM) to calculate BOOT_MAC and program it.
7. Security boot will work in next power on reset
The examples provided by NXP need lanuch several external programs to enable security boot during step 1- step 4, so my question is if 100K need to enable security boot in mass production, what is the best solution?