Question: If the i.mx6’s internal real time clock is not used, instead an external I2C device is used, does this create a problem with using any of the i.mx6’s security features?
iMX6 Secure features uses and internal real time counter (SRTC) which if enabled and reaches the maximum value it generates an interrupt informing a security violation.
External RTC can't be used in security iMX6 context. I2C external RTC for applications is needed, but for security features SNVS uses the internal SRTC.
If I'm interpreting your comments correctly - The customers external RTC can't be used in the context of iMX6 security but can still used be used for their applications needs. To utilize the security features of the SNVS Module (RM Chp. 60), it must use the internal SRTC. Disabling or otherwise not implementing the requirements the SNVS module has a cascading effect on many other security features such as High-Assurance Boot (HAB) and CAAM operation. So it seems that if the customer must have an external RTC, they should still implement the requirements of the internal SNVS/SRTC.
That's the case if secure features are needed they will end up using the internal SRTC, actually I don't think is possible to be used in other scenario as is part of SNVS.
To better understand the implications of not having battery backup for the SNVS supply as it pertains to security, if it is normally powered all the time via either a local AC supply or POE+ and is never powered down except for service, and reboots are done with a pushbutton. Given this, can you list what types of security features cannot be implemented or will be problematic?