SPRADN0 December   2024 F29H850TU , F29H859TU-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Programming Fundamentals
  5. 2Introduction
    1. 2.1 Hardware Security Module
    2. 2.2 ROM Bootloader
    3. 2.3 Combined Image with X.509 Certificate
  6. 3Flash Kernel Implementation
    1. 3.1 CPU1 Firmware Upgrade (HS-FS)
    2. 3.2 Key Provision (HS-FS to HS-KP)
    3. 3.3 CPU1 Secure Firmware Upgrade (HS-KP/SE to HS-SE)
    4. 3.4 HSM Firmware Upgrade (HS-KP/SE to HS-SE)
    5. 3.5 SECCFG Code Provisioning (HS-KP/SE to HS-SE)
  7. 4Host Application: UART Flash Programmer
    1. 4.1 Overview
    2. 4.2 Build UART Flash Programmer with Visual Studio
    3. 4.3 Build UART Flash Programmer with CMake
    4. 4.4 Packet Format
    5. 4.5 Kernel Commands
  8. 5Example Usage
    1. 5.1 Loading the Flash Kernel onto the Device
      1. 5.1.1 Hardware Setup
      2. 5.1.2 Running the UART Flash Programmer
    2. 5.2 CPU1 Device Firmware Upgrade (HS-FS only)
    3. 5.3 Convert HS-FS to HS-SE
    4. 5.4 Loading a RAM-based HSMRt Image
    5. 5.5 Key Provision (HS-FS to HS-KP)
    6. 5.6 Code Provision (HS-KP/SE to HS-SE)
  9. 6Troubleshooting
    1. 6.1 General
    2. 6.2 UART Boot
    3. 6.3 Application Load
  10. 7Summary
  11. 8References

5.3 Convert HS-FS to HS-SE

The following and subsequent sections discusses how to use the flash programmer commands to convert an HS-FS device to an HS-SE device.

In an overarching view, to convert an default HS-FS device, user must first:

  • Goes through Key Provision, which converts to an intermediate state of HS-KP. (Key Provisioned, but no image has been flashed thus far).
  • Goes through Code Provision, which converts HS-KP device to HS-SE upon any successful flash unto the flash banks.
    • The flash programmer has provided three options to program flash as part of Code Provisioning:
      • CPU1 flash
      • HSM flash
      • SEC CFG flash (part of non-main flash bank)
  • After the first Code Provision and the device is in HS-SE, any subsequent Code Provisions are still allowed to program flash. And the device maintains the HS-SE status.

Even though any of the three provided Code Provision option uplifts the device into HS-SE, TI recommends to program SEC CFG first, prior to either CPU1 flash or HSM flash programming.

Over the next subsequent sections, each provision flow is discussed in chronological order.

CAUTION: BootROM follows a state machine sequence of expecting a SBL boot prior to any HSM services, as such, use the regular non-appIn version of the flash programmer. Refer to Section 4.1 on the difference of the two.