Hi all,
I'm developing for RT685 using FlexSPI for communication with the boot device.
I'm working with MCUXpresso Secure Provisioning Tool and can successfully build, write & execute (XiP) an encrypted & signed program after blowing OTP fuses.
now, my goal is to support in-field secure updates, while the image to be written to the boot device will be received via bluetooth.
My initial thought was that the image to store will be first saved in RAM and then written to the boot device. is it achievable?
I was wondering:
1. can my app, which is XiP (executed in-place), update the image on the boot device with an encrypted image? can it achieve the same behavior of the ROM BL for writing a .sb file?
2. in case I must use the ROM BL to write a .sb file to my boot device, how can I combine the bluetooth communication as the receival path?
any help will be much appreciated!
Thank you,
Dekel
also, regarding IAP for programming the flash device with user data:
I currently use fsl_flexspi.c, specifically the function FLEXSPI_UpdateLUT(). whenever I call this function, my app crashes. that's true when talking about encrypted app. before encryption it worked well.
I'd appreciate your help with it.
Hello again @dekel12121,
You can use an encrypted image with the same MCU, in this case the RT685 MCUs will running well. However, in other MCU the same image could be not work, this depending of each MCU.
The utility that can help you in the production stage is the MCUxpresso Secure Provisioning Tool version 10.0, in this software there is a "Manufacturing tool" section where you can load the .Axf to several Boards at the same time, the following image shows where this tool is located:
For more information about how this tool works, you can review chapter 5.7 of the document called MCUXpresso Secure Provisioning Tool User Guide v.10 which can be found in the following link: MCUXpresso Secure Provisioning Tool | NXP Semiconductors
In the other hand, you can encrypt the image and at the same time does not encrypt the User data, is possible configure which region of the flash will be encrypted, and at the same time the OTFAD will be recognize the encrypted region if it configured correctly.
Finally, can you clarify me the purpose of use the function called "FLEXSPI_UpdateLUT"? Also, the SDK (version 2.16.1) offers the example called "iap_flash" that could be helpful.
BR
Habib.
Hello @dekel12121,
When you use Secure Provisioning Tool V10 you chose the regions of the FLASH that will be encrypted, all of the other regions will not be encrypted, in Secure Provisioning Tool V10 is shown as the next image:
When you write this image is created a header where configures the OTFAD with the configurations that you previously assigned.
BR
Habib
Hello @dekel12121,
Q1. My initial thought was that the image to store will be first saved in RAM and then written to the boot device. is it achievable?
Ans: You can receive the new image in RAM but take in mind that the core will be using the RAM and could generate data collision.
Q2.an my app, which is XiP (executed in-place), update the image on the boot device with an encrypted image? can it achieve the same behavior of the ROM BL for writing a .sb file?
Ans: You can write the new image in the FLASH, but please take in consideration that the code will be running in RAM while the new image will be writing in FLASH. having clarified this, these pages can help you:
- LPC: How to place data/function/file in specified memory under MCUXpresso IDE.
- The macro called "AT_QUICKACCESS_SECTION_CODE" where is a macro of the driver "fsl_common" in our SDK.
-Also, the IAP: In Application Programming Driver could be helps.
In the other hand, with the propose of support you better, can you clarify me which commands of the ROM bl have you in mind to use?
2. in case I must use the ROM BL to write a .sb file to my boot device, how can I combine the Bluetooth communication as the receival path?
Ans: In this case the RT6xx does not have a specific Bluetooth incorporated, therefore the communication would be received by a module where the communication with the MCU will depending by their module.
BR
Habib
Hello again @dekel12121,
Taking in mind more details, you cannot write in the RAM and after write in the FLASH, in this case both memories will be using, therefore the core will not be able make fetch in any memory. However, in this app note explains better how make FOTA in the RT600.
In the other hand, with the purpose to write the FLASH you can use IAP or ISP where is are better explicated in the chapter 41.8 called "RT6xx ISP and IAP" in the RM.
Also, if you experience any issue, do not hesitate to let me know.
BR
Habib
Hi Habib,
thanks for link of the FOTA implementation in RT600.
I'm actually developing with MCUXpresso IDE, which isn't listed as a supported compilation toolchain. Is there support for FOTA under MCUXpresso somewhere?
In addition, can I use IAP for storing some user data (like constants, strings, etc.) on the external flash device alongside the XiP image? Will the FOTA process know to handle this?
Thanks.
Hello again @dekel12121 ,
Unfortunately, is not related implementation in MCUxpresso IDE for OTA, but in the reference of this app note is linked the Git hub repository of the SBL that could be helpful, as shown in the next image:
In the other hand, answering your second question, it is possible to save user data along with the XiP image via IAP, but be aware of how big your image is, in order to avoid overwriting it. I highly recommend see the app note that I shared you in a previous comment, where the FOTA is better explicated.
Also, if you experience any issue, do not hesitate to let me know.
BR
Habib.
Thanks again for the info!
Good to know I can use the flash for user data alongside the image itself! I'll take care of size and address usage, of course.
In addition, I'd like to ask about encryption and OTFAD:
As I mentioned in my initial post, I've used MCUXpresso Provisioning Tool for encrypting & signing the image and also for writing it to the boot device (i.e., external flash). I was wondering if the encrypted & signed image is unique to the specific MCU I'm working with or is it suitable for all similar MCUs? Namely, if I use multiple similar MCUs (RT685S), in which I burn the OTP fuses in the same way, can I use the same image for all of them? or should the image go through a customized process to be accepted by each MCU individually?
Thanks,
Dekel