[Security] CSEC verification failure handling

Gideon
Contributor III

Dear NXPs:

 

 

Background:

CMD_BOOT_DEFINE→BootManager 6KB Use CSEC's secureboot mechanism for verification.

The secondary verification area is Flex NVM Bootloader;

The area of third-level verification is Application;

Use CSEC's secureboot mechanism to verify the BootManager image. Select A. Sequential Boot Mode during the development phase; select B. Strict Sequential Boot Mode during the mass production phase.

Question:

Q1: We learned from AN5401 that no matter whether you choose A or B, when the Secureboot verification fails, the chip will cycle through Reset to execute the ROM verification code. As a result, the device cannot enter the normal application. Unable-to-boot errors may also occur after mass production. To facilitate investigation, how can I eliminate secureboot issues? The CSEC module does not seem to output any debugging information.

lukaszadrapa
NXP TechSupport

Hi @Gideon 

Strict sequential secure boot mode is the highest possible protection. If this mode fails, the device will never leave the reset state; there's no way to recover and you can't get any debugging information.
If sequential boot mode fails, the only effect is that the application can't use boot protected keys. Everything else will work. You can attach a debugger and investigate the reason.

Regards,
Lukas
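
When a debugger is attached after a sequential-mode failure, as the reply above describes, the CSEc status byte is one place to look. The following is an added example, not code from this thread or from NXP: it classifies a status byte assuming the SHE status-register bit layout for CSEc's FCSESTAT register (confirm against the reference manual). `classify_boot_status`, `describe_boot_state` and the sample values are hypothetical and constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed bit layout (SHE status register, used here for CSEc FCSESTAT);
 * confirm against the reference manual for your part. */
#define ST_SB  0x02u  /* secure boot activated */
#define ST_BIN 0x04u  /* BOOT_MAC personalised during this boot */
#define ST_BFN 0x08u  /* secure boot finished */
#define ST_BOK 0x10u  /* secure boot verification OK */
#define ST_EDB 0x40u  /* external debugger attached */

typedef enum { BOOT_NOT_ENABLED, BOOT_PERSONALISED, BOOT_IN_PROGRESS,
               BOOT_VERIFIED_OPEN, BOOT_VERIFIED_FINAL, BOOT_FAILED } boot_state_t;

/* Hypothetical helper: classify a status byte read after reset. */
boot_state_t classify_boot_status(uint8_t st)
{
    if (!(st & ST_SB)) return BOOT_NOT_ENABLED;
    if (st & ST_BIN)   return BOOT_PERSONALISED;
    if (st & ST_BOK)   return (st & ST_BFN) ? BOOT_VERIFIED_FINAL : BOOT_VERIFIED_OPEN;
    return (st & ST_BFN) ? BOOT_FAILED : BOOT_IN_PROGRESS;
}

/* Text for a diagnostic log or a debugger watch window. */
const char *describe_boot_state(boot_state_t s)
{
    switch (s) {
    case BOOT_NOT_ENABLED:    return "secure boot not activated";
    case BOOT_PERSONALISED:   return "BOOT_MAC personalised on this boot";
    case BOOT_IN_PROGRESS:    return "verification not finished yet";
    case BOOT_VERIFIED_OPEN:  return "verified, boot not yet finalised";
    case BOOT_VERIFIED_FINAL: return "verified and finalised";
    default:                  return "failed: boot-protected keys unavailable";
    }
}

int main(void)
{
    /* Constructed sample values, not captured from a real device. */
    const uint8_t samples[] = { 0x00, 0x06, 0x02, 0x12, 0x1A, 0x0A, 0x4A };
    for (unsigned i = 0; i < sizeof samples; i++)
        printf("0x%02X %s%s\n", (unsigned)samples[i],
               describe_boot_state(classify_boot_status(samples[i])),
               (samples[i] & ST_EDB) ? " (debugger attached)" : "");
    return 0;
}
```

Logging the classified state early in the BootManager during the development phase (sequential mode) gives a record to compare against before switching production units to strict sequential mode, where a failure leaves nothing to read.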
