i.MX RT 1060 AES256 encrypted boot loader [USB-MSD, USB-HID Kboot, SREC LPUART, SD card]

mjbcswitzerland · ‎03-22-2020

Hi All

I have placed a reference boot loader for the i.MX RT 1060-EVK at
https://www.utasker.com/iMX/RT1060.html#SDCARD_BL

It supports the following firmware upload techniques to QSPI flash:
- USB-MSD (drag-and-drop when it appears as external hard drive)
- USB-HID KBoot (using the KinetisFlashTool for example, via USB) - composite with the USB-MSD class
- SREC loading via the LPUART
- SD Card loading (a new firmware with the name "software.bin" in the root of an inserted SD card will be updated to the QSPI flash).

The serial loader is stored encrypted in QSPI flash and accepts either plain-text applications or AES256 encrypted ones by any of the loading methods. The link has a binary that can be installed as serial loader and a reference application (encrypted and un-encrypted versions of it) in binary and SREC formats that can be used to check the operation over the various interfaces.

The security concept is outlined in the chapter "Total Security and Simplicity" in the document https://www.utasker.com/docs/iMX/i.MX_RT_1021_uTasker.pdf
and allows applications to be IP protected, run at full speed in tightly coupled instruction RAM (the loader automatically configures the FlexRAM to optimise the applications code and data requirements) and lowest current consumption since the QSPI flash is powered down after loading and no BEE power consumption overhead is involved.

Regards

Mark
[uTasker project developer for Kinetis and i.MX RT]

kerryzhou · ‎03-23-2020

Thanks for your sharing!

Best Regards,

kerry

mjbcswitzerland · ‎04-20-2020

Hi

I am pleased to say that the loader concept is now available for the following boards (various flash driver and simple configuration means that adapting to custom boards is child's play):

MIMXRT1010-EVK with i.MX RT 1011 [https://www.utasker.com/iMX/RT1010.html]
MIMXRT1015-EVK with i.MX RT 1015 [https://www.utasker.com/iMX/RT1015.html]
MIMXRT1020-EVK with i.MX RT 1021 [https://www.utasker.com/iMX/RT1020.html]
MIMXRT1050-EVK with i.MX RT 1052 - HyperFlash or QSPI [https://www.utasker.com/iMX/RT1050.html]
Embedded Artists iMX RT1052 OEM with i.MX RT 1052 [https://www.utasker.com/iMX/iMX_RT1052_OEM.html]
MIMXRT1060-EVK with i.MX RT 1062 [https://www.utasker.com/iMX/RT1060.html]
Embedded Artists iMX RT1062 OEM with i.MX RT 1062 [https://www.utasker.com/iMX/iMX_RT1062_OEM.html]
Teensy 4.0 with i.MX RT 1062 [https://www.utasker.com/iMX/Teensy_4.html]
MIMXRT1064-EVK with i.MX RT 1064 [https://www.utasker.com/iMX/RT1064.html]

New features integrated are:
- OTA upload support built in to the loaders (allowing applications to receive new code and let the loader safely upgrade)
- XiP application support. New applications can be loaded to directly run from SPI flash. This even allows SDK projects to be loaded with a simple change to the linker script setup, or large applications that can't fit into instruction RAM.

This give a single project (MCUXpresso, IAR, GCC make file, VIsualStudio) that can build many combinations of loaders for these i.MX RT parts allowing complete loader concepts to be completed with ease and no unnecessary development time lost. All parts share a common concept and share the same code for simplest maintenance. Using Visual Studio all parts are simulated and the complete loader concept can be tested and analysed in its simulator for highly accurate code coverage and peer reviews.

Regards

Mark

[uTasker project developer for Kinetis and i.MX RT]

i.MX RT 1060 AES256 encrypted boot loader [USB-MSD, USB-HID Kboot, SREC LPUART, SD card]

i.MX RT 1060 AES256 encrypted boot loader [USB-MSD, USB-HID Kboot, SREC LPUART, SD card]

i.MXRT 101x

i.MXRT 102x

i.MXRT 105x

i.MXRT 106x