Categories

{{ selectedCategory.name }}

{{ topic.Title }} {{ topic.Ddate | formatDate }}

{{ topic.Content }}

No topics found!

Infineon AURIX: Prevent locking

03-Aug-2021

AURIX devices have several sensitive modules/areas (BMHDs, HSM, UCBs), which could lock the device permanently when they are configured incorrectly. To prevent locking your device follow these recommendations:


1. Security checker. 

Supported since winIDEA version 9.17.131.

Analyzes the download file(s) at download in order to prevent misconfiguration of MCU, which could result in incorrect boot or bricked MCU due to disabled debug periphery. If a violation is detected, it:

  • Rejects programming,
  • Modifies write data to keep device unsecured or 
  • Allows the download. 

Security checker is configured in the Hardware menu / CPU Options / Debugging  and it checks if after flash actions, device will be in operational state:

  • When HSM is enabled:
    • Are BMHDs valid
    • Is the HSM code present
    • Is HSM debug protection enabled
  • Do UCBs have confirmation codes
  • Do UCB_BMHD CRCs match
  • Existence of UCB ORIG/COPY pairs (TC3xx only)
  • Is debug protection enabled
  • Is read protection enabled
  • Is the HSM code loaded to the correct HSM Code Sector
  • The program entry point (if UCB_BMHDx.STAD matches to entry point of the primary elf file)
If an issue occurs, a warning is displayed in the Progress window. 

The Security checker functionality is bypassed when flash is programmed through the memory window.





2.  Download HSM code before HSM is enabled.
Follow these steps:
  1. Load the HSM code.
  2. Load the application code. 
  3. Perform download.
  4. Enable HSM.

Note that the chip will be locked after next power on reset if the HSM is enabled before the HSM code is downloaded.




3. Aurix plugin / Memory window.
Program the UCBs via Aurix plugin or Memory Window. It is not recommended to program it in the application code, because it may not execute properly. After download the CPU is in reset and if there isn’t any code programmed and HSM is enabled the CPU will be locked.

New UCB values are used by the CPU after next power on reset. If a user's application changes content of UCBs during program execution this could lead to a hard to find bugs if UCBs are not programmed/changed properly. It is recommended that UCBs are changed only during download, via memory window or aurix plugin, when CPU is stopped and the user knows exactly what is written to UCBs.


4. Demo Mode.
Use winIDEA Demo Mode prior flash programming to test whether all UCB sectors contain correct data, because wrong UCB data can lock the device permanently. 


5. UCB programming.
Number of writes to UCB is limited. Refer to your TriCore device documentation for the exact number of writes and to Internal Flash programming in Online Help for more information.



More resources:


Was this answer helpful?

Sorry this article didn't answer your question, we'd love to hear how we can improve it.
Note: This form won't submit a case. We'll just use it to make this article better.

Similar topics

{{ topic.Title }} {{ topic.Ddate | formatDate }}

{{ topic.Content }}

No similar topics found!

Other topics in the same category

{{ topic.Title }} {{ topic.Ddate | formatDate }}

{{ topic.Content }}

No topics found!