If secure boot option is enabled in Table 268. Lifecycle state descriptions
mentioned "then limited ISP comands are allowed"
But I can see the next dangerous commands :
8.6.6 ReadMemory command
The ReadMemory command returns the contents of memory at the given address, for a
specified number of bytes. This command can read any region of memory accessible by
the CPU and not protected by security.
8.6.9 Execute command
The Execute command results in the bootloader setting the program counter to the code
at the provided jump address, R0 to the provided argument, and a Stack pointer to the
provided stack pointer address. Prior to the jump, the system is returned to the reset
8.6.10 Call command
The Call command executes a function that is written in memory at the address sent in the
command. The address needs to be a valid memory location residing in accessible flash
(internal or external) or in RAM.
And in SB file chapter:
22.214.171.124.3 Bootable section
A section that has the bootable section flag set is called a bootable section. It contains a
sequence of boot commands that are processed by the loader to perform a firmware
The boot commands are described in the elftosb User’s Guide. The LPC55xx ROM loader
provides the support for the following bootloader commands:
WriteMemory, FillMemory, ConfigureMemory, FlashEraseAll, FlashEraseRegion,
The WriteMemory and FillMemory commands can be used to write data to RAMs.
WriteMemory can be also used to program internal flash, including the PFR CFPA page,
assuming the flash is erased, for example, by FlashEraseAll or FlashEraseRegion
commands. ConfigureMemory command can be used to configure LPC55xx PRINCE
on-the-fly encryption module.
SB 2.1 introduces two new commands that can be used to prevent firmware roll-back:
The recovery boot mode on the 1B version of the LPC55S6xx that is using SB 2.1, only
supports two commands:
WriteMemory (RAM only) and Execute.
Do you have exact list of commands what are "limited ISP comands are allowed" ?
And How I undestand limitation in SB file section ?