LPC55S6x | Arm Cortex -M33 | 32-bit MCU | NXP Semiconductors
AN12283
LPC55Sxx
1 --2020 3
1
LPC55xx/LPC55SxxArm Cortex® M33
· 320 KB SRAM · 640 KB · USB · USB · 5 · 1 SCTimer/PWM · 1 RTC/ · 1 24 (MRT) · (WWDT) · 8 USARTSPII2C I2S · 1 2.0 M / 16 ADC LPC55S/LPC55Sxx PRINCE LPC55Sxx PRINCE
2
LPC55Sxx
LPC55Sxx ROM PRINCE (DICE) CDI
1 ......................................................1 2 ........................................1
2.1 ........................ 3 2.2 CRC................. 4 2.3 ....................................... 4 2.4 PRINCE .................. 6 2.5 ............................ 7 3 ..........................................10 3.1 ..................................... 10 3.2 .............................. 10 3.3 ................................. 10 3.4 ................................. 11 4 LPC55Sxx .....................11 4.1 CRC........ 11 4.2 CRC........ 12 5 LPC55Sxx .........................13 5.1 ................................. 13 5.2 .............................. 14 5.3 .............................. 14 5.4 CFPA ........................... 15 5.5 CMPA .......................... 15 5.6 SB2............... 17 5.7 PRINCE ......... 20 5.8 ............................................ 22 6 .............................................22
ROM PRINCE ROM
ROM TrustZone-M DICE
ISP
CMPA NMPA
CMPA
DebugMailbox
DebugmailBox
ISP
DEFAULT_ISP_
MODE
ISP
CRC
CRC32
ISP
PC
CRC
TZM
SB2.1
1. LPC55S6x/LPC55S2x/LPC552x 1B
LPC55Sxx 1 2020 3
2 / 23
ISP
DEFAULT_ISP_MOD
E
CMPA NMPA
CMPA
DebugMailbox
DebugmailBox
ISP
ISP
1
2
CRC
PC
CRC32
CRC
ISP
TZM
SB2.1
2. LPC55S1x/LPC551x
· - - CRC · - 4 (RoT) 16 · PRINCE · TrustZone-M®
2.1
IDE LPC55Sxx
LPC55Sxx 1 2020 3
3 / 23
0x20 0X24 0x0
0x34
3.
Trust zone
2.2 CRC
LPC55xxx S CRC (UPC) (LPC55Sxx) UPC CRC32 CRC32
0x20 0X24 UPC 0x28 CRC32
0x34
CRC32
4. CRC
Trust zone
2.3
LPC55Sxx RSASSA-PKCS1-v1_5 RSA2048 LPC55Sxx 2048 4096 RSA X.509 V3 X.509 PKI 4 (RoT) 16
LPC55Sxx 1 2020 3
4 / 23
Image_Key
0x20 0X24 SPT 0x28
0x34
RSA2K
X.509 RoT key0 (SHA2) RoT key1 (SHA2) RoT key2 (SHA2) RoT key3 (SHA2) Trust zone RSASSA-PKCS1-V1_5
5.
ROM 1. X.509 2. Image_key · ROM x509
ROM " RSA SHA-256" · (PFR) SECURE_BOOT_CFG "RSA4K" RSA · 2048 · RSA4K 4096
2.3.1
(PFR) PFR 1
· · X.509 20
- 4 0x3c0xc3 16 - 0x0000 X.509
3C:C3:00:00: AB : AB : AB : AB - 17 ID0x00x10x30x70xF0x1F0x3F0x7F0xFF......0xFFFF · LPC55Sxx PFR (CFPA) (IMAGE_KEY_REVOKE) · IMAGE_KEY_REVOKE
LPC55Sxx 1 2020 3
5 / 23
- 0 16 1 0b0 - >0b1 -> 0b11->0b111 ......
- IMAGE_KEY_REVOKE · ROM
- RSA2K - ID IMAGE_KEY_REVOKE - IMAGE_KEY_REVOKE LPC55Sxx ROM
1
2.4 PRINCE
LPC55Sxx PRINCE //
LPC55Sxx 3 PRINCE SRAM PUF PRINCE
-2 128KB
-1 256KB
-0 256KB
6. LPC55S6x LPC55S2x PRINCE
IV1 SKey1
LPC55Sxx 1 2020 3
6 / 23
7. LPC55S1x PRINCE
2.5
LPC55Sxx ROM PRINCE
1. (CFPA) · · RoT
2. (CMPA) · · RoT · · Prince
3. PUF 4. ID
LPC55Sxx 1 2020 3
7 / 23
CFPA 512B
CFPA ping 512B CFPA pong 512B
CMPA 512B
1536B
8. LPC55xx
Secure_FW_Version
NS_FW_Version IMAGE_KEY_REVOKE
ROTKH_REVOKE VENDOR_USAGE DCFG_CC_SOCU_NS_PIN DCFG_CC_SOCU_NS_DFLT ENABLE_FA_MODE CMPA_PROG_IN_PROGRESS PRINCE Region 0 IV PRINCE Region 1 IV PRINCE Region 2 IV
256B ROM API
SHA-256
BOOT_CFG SPI_FLASH_CFG
USB_ID SDIO_CFG CC_SOCU_PIN CC_SOCU_DFLT VENDOR_USAGE SECURE_BOOT_CFG PRINCE_BASE_ADDR PRINCE_SR_0 PRINCE_SR_1 PRINCE_SR_2 XTAL_32KHZ_CAPABANK_TRIM XTAL_16MHZ_CAPABANK_TRIM FLASH_REMAP_SIZE FLASH_REMAP_OFFSET ROTKH[255:224] ROTKH[223:192] ROTKH[191:160] ROTKH[159:128] ROTKH[127:96] ROTKH[95:64] ROTKH[63:32] ROTKH[31:0] 256B ROM API SHA-256
0x9xxxx LPC55S6 55S2x 0x3xxxx LPC55S1x FLASH_REMAP LPC55S1x/551x
LPC55Sxx 1 2020 3
8 / 23
2.5.1 CMPA
CMPA PRINCE 1.SECURE_BOOT_CFG
29:0 31:30
SEC_BOOT_EN
0b00 0b01 0b10 0b11
CMPA SHA 256 CMPA SHA
2.5.2 CFPA
CFPA Ping Pong CFPA CFPA
1. API 2. 3. ROM ROM pingpong
4. CFPA CFPA RoT 2.ROTKH_REVOKE
1:0
RoTK0_EN
3:2
RoTK1_EN
5:4
RoTK2_EN
7:6
RoTK3_EN
31:8
0b00
......
LPC55Sxx 1 2020 3
9 / 23
0b01 0b10 0b11
......
RoTKx RoTKx RoTKx
3.IMAGE_KEY_REVOKE 15:0 31:16
IMG
17 ID0x0=0b00x1=0b10x3=0b110x7=0b1110xF=0b1111...... 0xFFFF=0b1111 1111 1111 1111
3
(PKI) DER X.509 v3 PEM DER 2048 4096
3.1
openssl v 1.1.0
3.2
(csr)
3.3
CA:FALSE X.509 20 4 0x3c0xc3 16
· 3C:C3:00:00: AB: AB: AB: AB
· 17 ID0x00x10x30x70xF0x1F0x3F0x7F0xFF......0xFFFF
LPC55Sxx 1 2020 3
10 / 23
x509_v3.ext
LPC55Sxx
3.4
CA:TRUE CA:FALSE
4 LPC55Sxx
CRC LPC55Sxx ELFTOSB ELFTOSB- GUI LPC55Sxx SDK/middleware/mcu-boot www.nxp.com/mcuBoot ELFTOSB CRC CRC
4.1 CRC
UPC ELFTOSB-GUI
LPC55Sxx 1 2020 3
11 / 23
LPC55Sxx
9. UPC ELFTOSB-GUI
1. LPC55Sxx 2. 3. LPC55Sxx 4. CRC TZ TrustZone-M 1. CRC 2. "" CRC CRC
4.2 CRC
CRC CMPA CFPA BLHOST ISP LPC55Sxx BLHOST SDK BLHOST UART ISP BLHOST
1. UART ISP
LPC55Sxx 1 2020 3
12 / 23
LPC55Sxx
· LPC55Sxx ISP S1 RESET S4 ISP 2. BLHOST
ping 3. 0x0
4. · blhost -p COMxx reset
5 LPC55Sxx
ROM A0 ISP
blhostelftosb elftosb-gui
Json
elftosb-gui
IAR
BIN SREC
elftosb
CRC
CRC
write-memory
blhost
SB2
(sbkek)
10.
5.1
IDE .bin .srec IDE
ISP
SB2
CMD + DATA
LPC55Sxx 1 2020 3
receive-sb-file 13 / 23
5.2
elftosb
LPC55Sxx
11. ELFTOSB-GUI
1. LPC55Sxx 2. 3. LPC55Sxx 4. TZ TrustZone-M 1. 1. 2. ""
5.3
ISP BLHOST BLHOST UART ISP BLHOST
UART ISP
LPC55Sxx 1 2020 3
14 / 23
LPC55Sxx
· LPC55Sxx ISP S1 RESET S4 ISP 1. BLHOST
· ping 2. 0x0
5.4 CFPA
CFPA CFPA ROTKH_REVOKE
1. ISP · LPC55Sxx ISP S1 RESET S4 ISP
2. BLHOST
· ping 3. .bin CFPA RoT 0-3 CFPA
> secureFwVersion >= secureFwVersion nsFwVersion >= nsFwVersion vendorUsage >= vendorUsage imageKeyRevoke >= imageKeyRevoke imagekeyRevoke OTP0137 rotkhRevoke > = rotkhRevoke rotkhRevoke OTP0137
4. CFPA 0x9DE00
ROM A0 ISP CFPACMPA
5.5 CMPA
CMPA
ROM A0 ISP CFPACMPA
LPC55Sxx 1 2020 3
15 / 23
LPC55Sxx
12. CMPA ELFTOSB-GUI
1. LPC55xx 2. "" 3. ISP COM UART ISP 4. """""" 5. DICE RSA4096 6. RKTH 7. "" CMPA ISP 8. blhost -p COMxx reset 9. 10. CMPA CMPA HASH CMPA"blhost -p COMxx write-
memory 0x9E400 CMPA_empty.bin" LPC55S69 0A
LPC55Sxx
LPC55Sxx 1 2020 3
16 / 23
LPC55Sxx
5.6 SB2
LPC55Sxx "" SB2 SB2 SB2 ROM elftosb SB2
5.6.1
SB2 SB2 256 SB AES SB2 ELFTOSB-GUI SB .txt LPC55Sxx PUF
13. SBKEK ELFTOSB-GUI
SB AC801E99BD3592E419B757EADC0985B3D3D0BC0FDB6B057AA88252204C2DA732
5.6.2 SB2
elftosb SB2 SB SB2 .bd "" SB elftosb
LPC55Sxx 1 2020 3
17 / 23
LPC55S6xx 0A SB 2.0 LPC55S6xx 1B SB 2.1 2.0 2.1 SB 2.0 SB 2.1 + SB 2.0
· -f = LPC55xx · -k = KEK (SBKEK) · -c =
LPC55Sxx
· -o = · files...=
+ SB 2.1 1
4
· -f = LPC55xx · -k = KEK (SBKEK)
LPC55Sxx 1 2020 3
18 / 23
· c =
LPC55Sxx
· -o = · -s = · -S = -S · -R = 1 4 -R -S
· -h = elftosb (RKTH) · files...=
5.6.3 SB2
SB2.0 "receive-sb-file" ISP
SB2.1 "receive-sb-file" ISP SB2.1 RKTH CMPA CFPA 0x9DE18 "ROTKH_REVOKE" RoT CFPA
SB2 SB *.bd SB 0x0 0x40000 0x0
LPC55Sxx 1 2020 3
19 / 23
LPC55Sxx
5.7 PRINCE
ROM A0 ISP "configure-memory"LPC55S69 PFR CMPA PUF
PRINCE PRINCE / PRINCE PRINCE PRINCE
5.7.1 PUF
PRINCE / SRAM PUF PUF
14. PUF ELFTOSB-GUI
1. LPC55xx 2. "" 3. ISP COM UART ISP
LPC55Sxx 1 2020 3
20 / 23
LPC55Sxx
4. PUF 5. PRINCE PUF PRINCE 0 PRINCE 0 6. (KEK) PFR 7. "" LPC55Sxx ISP 8.
PFR
5.7.2 blhost PRINCE
PRINCE ISP "configure-memory"
4.configure-memory
0 4
4 8
PRINCE PRINCE
5.configure-memory PRINCE 1:0
25:2 31:8
0x00 PRINCE 0 0x01 PRINCE 1 0x10 PRINCE 2
0x50 ('P') PRINCE
6.configure-memory PRINCE 31:0 63:32
PRINCE X PRINCE X
RAM "configure-memory" 1. 0
2. 0x0
3. 0x40000
LPC55Sxx 1 2020 3
21 / 23
4. RAM configure-memory
PRINCE
5.7.3
ROM "prince ""prince " flash-erase-region writememory MCUXpresso SDK Prince Prince
5.8
LPC55Sxx PRINCE
6
7.
0 1
2019 2 2020 3
SB2 SB2
LPC55Sxx 1 2020 3
22 / 23
nxp.com nxp.com/support
" "/ ""
nxp.com/SalesTermsandConditions
" " COOLFLUX EMBRACE GREENCHIP HITAG I2C BUS ICODE JCOP LIFE VIBES MIFARE MIFARE CLASSIC MIFARE DESFire MIFARE PLUS MIFARE FLEX MANTIS MIFARE ULTRALIGHT MIFARE4MOBILE MIGLO NTAG ROADLINK SMARTLXSMARTMX STARPLUGTOPFETTRENCHMOSUCODEAltiVecC5 CodeTESTCodeWarriorColdFire ColdFire+ CWare Kinetis Layerscape MagniV mobileGT PEG PowerQUICC Processor Expert QorIQ QorIQ Qonverge Ready Play SafeAssure SafeAssure StarCore Symphony VortiQa VybridAirfastBeeKitBeeStackCoreNetFlexisMXCPlatform in a PackageQUICC EngineSMARTMOSTowerTurboLink UMEMS NXP B.V. AMBA Arm Arm7 Arm7TDMI Arm9 Arm11 Artisan big.LITTLECordioCoreLinkCoreSightCortexDesignStartDynamIQJazelleKeil Mali, Mbed Mbed Enabled NEON POP RealView SecurCore Socrates Thumb TrustZone ULINK ULINK2 ULINK-ME ULINK-PLUS ULINKpro µVision Versatile Arm Limited/ Oracle Java Oracle / Power Architecture Power.org Power Power.org Power.org
© NXP B.V. 2020
http://www.nxp.com
salesaddresses@nxp.com
2020 3 AN12283
Adobe PDF Library 10.0