Other Parts Discussed in Thread: UNIFLASH, C2000WARE, SYSCONFIG
Tool/software:
Hello all,
For us USB bootloader is critical as it eliminates the need to have external components ( like the SIC or other boot loaders) and it's easy to interface with PC which is very important for the user interface, thus we are working on the USB boot loard on F28388D, however now we are looking to use the existing boot loader on the device and make it secure, for us the security is as follow :
Avoiding for the customer to read our code from the Flash, with previous generation DSPs we used to use CSM, however, it seems with the native USB boot loader on the F28338D we can't use CSM as the boot loader is hardcoded. ( is that right? )
To achieve this we are planning to do the following, please check and let us know if it makes sense or not, and what should we do?
Steps:
- Program the CMAK keys with our desired 128bit key through the Uniflash program
- Lock the JTAG for CPU1 within Uniflash
- Using the technique shown in "/boot_ex1_cpu1_cpu2_cm_secure_flash_cpu1", create our application with a CMAK tag, so the application will be in from a .hex file with a CMAK tag
- Put the DSP in the USB boot mode (by applying the respective boot mode pins )
- Send the .hex file of the application with the CMAK tag using "usb_flash_programmer.exe" developed for F2837xD devices ( can we send .hex file or it must be .dat file? How to convert? )
- Take out the DSP from the USB boot mode ( disconnecting the respective boot mode pins )
- Let the DSP run from Flash ( which is already updated by the USB bootloader)
is this something feasible? BTW, for now, we only need CPU1 to work with this method.
John