AnsweredAssumed Answered

LPC55S69 : Firmware update

Question asked by Eugene Hiihtaja on Nov 22, 2019
Latest reply on Dec 13, 2019 by Eugene Hiihtaja

Hello !


SB 2.1 file is always encypted and signed. It means it is no any way to flash it into memory by using ISP type of update .

is this so ?



The recommended method to perform secure firmware updates is as follows:
• User application receives an encrypted SB file containing new firmware and
stores it in external SPI flash, or a similar memory.
• Use API to authenticate SB file.
• Use API to decrypt and load the SB file.
• If also using secure boot, the API can be used to authenticate the new firmware in
flash before rebooting into it. If this final authentication fails, the new firmware should
be made non-executable by erasing and writing over critical regions of it such as the
vector table. Even if not using secure boot, the code written to flash can still be signed
to support this final authentication step.



it means I should implement own application what receive image to second part of flash, encrypt it

and recopy to first part of flash memory and after that execute reboot.


But if image just signed, it can be flashed via ISP directly to flash memory and after that via secure reboot it might boot or not.

In this case encyption can be done on fly .



"The recovery boot mode on the 1B version of the LPC55S6xx that is using SB 2.1, only
supports two commands:
WriteMemory (RAM only) and Execute.


So it is always possible to load any image to RAM and execute it if no bootable image is exists on flash.

Is this so ?


For secure boot we need to prepare CFPA/CMPA page and it enable secure boot.

But what about erasing of this page and write it again. Can it be done ?