LPSTK-CC1352R: How do we secure uploading firmware Over-the-Air?

Tim Cruise

Part Number: LPSTK-CC1352R
Other Parts Discussed in Thread: CC1352R

Dear all TI Engineers and Experts,

I have a LPSTK-CC1352R Evaluation board. It has a feature which enables uploading new firmware to it over the air through Bluetooth communication.

Now, the question is:

Company A owns a collection of its customised CC1352R devices.

Company B also owns a collection of its customised CC1352R devices.

How do they prevent other companies from uploading firmware to its own customised TI CC1352R devices?

over 2 years ago

+1 Marie H over 2 years ago

TI__Guru 73541 points

Hi Tim,

For this situation I would recommend using the "secure OAD" feature, which allows you to add a signature to your image. Images without a verified signature will not be downloaded on the device.

https://dev.ti.com/tirex/explore/content/simplelink_cc13x2_26x2_sdk_5_20_00_52/docs/ti154stack/html/oad-secure/bim.html#secure-bim

Alternatively, there are several ways to limit which devices are allowed to connect. Since a connection is required for OAD, this would also work.

Cheers,

Marie H.

0 Tim Cruise over 2 years ago in reply to Marie H

Intellectual 746 points

Hello Marie,

Is OAD feature a separate subroutine of Code Composer Studio C code?

Is it pluggable to any well developed CCS project on CC1352R device?

0 Marie H over 2 years ago in reply to Tim Cruise

TI__Guru 73541 points

Hi Tim,

I may have had some bias when reading your first post. I assumed you were concerned about someone uploading firmware over the air (OAD).

If you're talking about connecting to the device with a wired interface I have a different recommendation:

- The simplest solution is to lock the device in CCFG, this way no-one will be able to program it with a new image.

- A more advanced solution would be to use secure boot. Please see this app note:

https://www.ti.com/lit/swra651

Cheers,

Marie H.

Bluetooth®︎

Bluetooth forum

LPSTK-CC1352R: How do we secure uploading firmware Over-the-Air?