I have placed a reference boot loader for the i.MX RT 1060-EVK at
It supports the following firmware upload techniques to QSPI flash:
- USB-MSD (drag-and-drop when it appears as external hard drive)
- USB-HID KBoot (using the KinetisFlashTool for example, via USB) - composite with the USB-MSD class
- SREC loading via the LPUART
- SD Card loading (a new firmware with the name "software.bin" in the root of an inserted SD card will be updated to the QSPI flash).
The serial loader is stored encrypted in QSPI flash and accepts either plain-text applications or AES256 encrypted ones by any of the loading methods. The link has a binary that can be installed as serial loader and a reference application (encrypted and un-encrypted versions of it) in binary and SREC formats that can be used to check the operation over the various interfaces.
The security concept is outlined in the chapter "Total Security and Simplicity" in the document https://www.utasker.com/docs/iMX/i.MX_RT_1021_uTasker.pdf
and allows applications to be IP protected, run at full speed in tightly coupled instruction RAM (the loader automatically configures the FlexRAM to optimise the applications code and data requirements) and lowest current consumption since the QSPI flash is powered down after loading and no BEE power consumption overhead is involved.
[uTasker project developer for Kinetis and i.MX RT]