• State TI Thinks Resolved
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 99 subscribers
  • Views 677 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

66AK2H14: TrustZone, secure boot and key management

franziskus
Expert 8399 points
Part Number: 66AK2H14
Other Parts Discussed in Thread: 66AK2H12,

Team,

my customer thinks abour using 66AK2H14 or 66AK2H12. Can you help with the following questions?

  • How can we use the TrustZone technology to implement secure/verified boot in practice?
  • In addition to the SoC (e.g. 66AK2H14 or 66AK2H12) are there some external HW requirements, such as some external ROM or OTP chip? Or does the SoC include all HW required to implement the secure boot?
  • In the latter case, how is the public key written to SoC?

Thanks!

  • 0
    TI__Guru**** 161600 points
    Hi,

    Here is what I can answer to your question.

    ARM Trust Zone is intended to be used in secure device environment, see Figure 12-1. C66x DSP Device Nomenclature (Including the 66AK2Hxx Device) from 66AK2H14 datasheet and make sure you use a High-Security device with TI developmental keys or High-Security device with production keys.

    The SoC should include the needed hardware for secure boot. No external ROM or OTP chip.

    Also check the following e2e threads:
    e2e.ti.com/.../364152
    e2e.ti.com/.../325088

    Best Regards,
    Yordan