SPRADN0 December   2024 F29H850TU , F29H859TU-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Programming Fundamentals
  5. 2Introduction
    1. 2.1 Hardware Security Module
    2. 2.2 ROM Bootloader
    3. 2.3 Combined Image with X.509 Certificate
  6. 3Flash Kernel Implementation
    1. 3.1 CPU1 Firmware Upgrade (HS-FS)
    2. 3.2 Key Provision (HS-FS to HS-KP)
    3. 3.3 CPU1 Secure Firmware Upgrade (HS-KP/SE to HS-SE)
    4. 3.4 HSM Firmware Upgrade (HS-KP/SE to HS-SE)
    5. 3.5 SECCFG Code Provisioning (HS-KP/SE to HS-SE)
  7. 4Host Application: UART Flash Programmer
    1. 4.1 Overview
    2. 4.2 Build UART Flash Programmer with Visual Studio
    3. 4.3 Build UART Flash Programmer with CMake
    4. 4.4 Packet Format
    5. 4.5 Kernel Commands
  8. 5Example Usage
    1. 5.1 Loading the Flash Kernel onto the Device
      1. 5.1.1 Hardware Setup
      2. 5.1.2 Running the UART Flash Programmer
    2. 5.2 CPU1 Device Firmware Upgrade (HS-FS only)
    3. 5.3 Convert HS-FS to HS-SE
    4. 5.4 Loading a RAM-based HSMRt Image
    5. 5.5 Key Provision (HS-FS to HS-KP)
    6. 5.6 Code Provision (HS-KP/SE to HS-SE)
  9. 6Troubleshooting
    1. 6.1 General
    2. 6.2 UART Boot
    3. 6.3 Application Load
  10. 7Summary
  11. 8References

3.5 SECCFG Code Provisioning (HS-KP/SE to HS-SE)

To perform SECCFG programming of an HS-KP or HS-SE device, compile the CP_APP build configuration of the project. This can be done by right-clicking the project, hovering over Build Configurations, and selecting CP_APP.

To program a new image to SECCFG on an HS-KP or HS-SE device, the following events occur:

  1. BootROM in UART boot mode receives the UART lash kernel and boots the kernel.
  2. The kernel in CPU1 receives a command packet to receive the HSMRt image.
  3. The kernel prepares to receive an X.509 certificate as part of the combined image from the host.
  4. The kernel verifies that the incoming certificate is of the proper size and format and derives the size of the incoming image. For now, the certificate is stored in RAM.
  5. The kernel stores HSMRt image in shared LDAx RAM and requested HSM to authenticate.
  6. Upon successful authentication, the HSM begins executing the HSMRt in shared LDAx RAM.
  7. The kernel receives a command packet to receive Sec Cfg image.
  8. Kernel receives the X.509 image certificate and shares the same with HSMRt.
  9. After successful authentication of the image, HSMRt responds with an acknowledgment, after which flash kernel starts importing the Sec Cfg data via UART into the LDAx memory.
  10. After all the SecCfg data are received and programmed, the HSMRt is requested to verify the SecCfg programmed in the dormant banks with valid counter values. When the HSMRt authenticates the programmed image against the certificate, the certificate is further programmed to make sure successful boot in the subsequent power cycles
    1. Note in the case of HS-SE device, the decision of programming of the certificate is made on the swap value of the SSU registers.

Refer to Section 5.6 on steps to perform on the host application.

CAUTION: For HS-KP or HS-SE devices, the DPL interrupt LINK and STACK pointer needs to be set to LINK2 and STACK2, respectively. To adjust the setting, open the syscfg file in CCS, select Clock under TI Driver Porting Layer (DPL) section. The Keywriter binary image described in Section 2.1 needs be used as the HSMRt.