AM625: Migration from non-secure to secure devices

Hi Hong-san,

Thank you for your reply.

Daisuke Maeda said:

Can a non-secure device be replaced by a secure device without any hardware design changes?

If not, what hardware design changes are required?

How about hardware design changes?

Best regards,

Daisuke

Hello Daisuke-san,
VPP(1.8v) is required to program the customer OTP keys on HS.
Please refer to "7.9 VPP Specifications for One-Time Programmable (OTP) eFuses" in AM62x DS
Best,
-Hong

Hi Hong-san,

Thank you for your reply.

Hong Guan64 said:

VPP(1.8v) is required to program the customer OTP keys on HS.
Please refer to "7.9 VPP Specifications for One-Time Programmable (OTP) eFuses" in AM62x DS

Can a non-secure device be replaced by a secure device without any hardware design changes by designing the VPP to be powered when programming the OTP keys after the proper device power-up sequence?

Are the configurations of Boot Mode Pins the same between non-secure and secure devices?

Best regards,

Daisuke

Daisuke Maeda said:

Can a non-secure device be replaced by a secure device without any hardware design changes by designing the VPP to be powered when programming the OTP keys after the proper device power-up sequence?

yes

Daisuke Maeda said:

Are the configurations of Boot Mode Pins the same between non-secure and secure devices?

yes.

There're additional items to consider when enabling security. For example, production key provisioning might need 1/. co-considerations with norml flashing process; 2/. additional trace log port etc... I'd recommend to fil in request for accessing more info on AM62x security.
www.ti.com/.../swlicexportcontrol.tsp
Best,
-Hong

Hi Hong-san,

Thank you for your reply.

I made a request last Friday through the following link you provided, but have not received any response.

www.ti.com/.../swlicexportcontrol.tsp

Is there any other procedure I need to follow?

I have some questions for secure devices.

Are there any plans to release the SK-AM62 with HS-FS device?
Or are there any plans to release new evaluation modules with HS-FS device?

Because our customer may prototype with samples of HS-FS devices, they need information to design with HS-FS devices.

When will the MCU+ SDK for AM62x supporting secure devices be released?

It seems that MCU+ SDK 08.06 for AM62x still does not support secure devices.

Best regards,

Daisuke

Hello Daisuke-san,

Daisuke Maeda said:

Are there any plans to release the SK-AM62 with HS-FS device?
Or are there any plans to release new evaluation modules with HS-FS device?

Yes, there'll be new AM62x-SK with HS-FS

Daisuke Maeda said:

When will the MCU+ SDK for AM62x supporting secure devices be released?

It seems that MCU+ SDK 08.06 for AM62x still does not support secure devices.

Secure boot is supported on SDK 8.6 (both Linux SDK and MCU+SDK).
Best,
-Hong

Hi Hong-san,

Thank you for your reply.

Daisuke Maeda said:

I made a request last Friday through the following link you provided, but have not received any response.

www.ti.com/.../swlicexportcontrol.tsp

Is there any other procedure I need to follow?

What about my request?

Hong Guan64 said:

Yes, there'll be new AM62x-SK with HS-FS

When is the release of the new SK-AM62 with HS-FS device planned?

Hong Guan64 said:

Secure boot is supported on SDK 8.6 (both Linux SDK and MCU+SDK).

I can find "HS-FS and HS-SE support" in the latest MCU+ SDK release notes for AM62x, but cannot find any more information in the documentation.

software-dl.ti.com/.../RELEASE_NOTES_08_06_00_PAGE.html

Incidentally, more information for HS devices can be found in the latest MCU+ SDK documentation for AM64x.

software-dl.ti.com/.../HSFS_MIGRATION_GUIDE.html
software-dl.ti.com/.../SECURE_BOOT.html

Best regards,

Daisuke

Hello Daisuke-san,
When building SBL from AM62x MCU+SDK 8.6, adding "DEVICE_TYPE=HS" build SBL for HS-SE.
I'm passing the e2e to my colleague to follow up your remaining questions on
1/. accessing to AM62x security resource portal
2/. AM62x HS-FS board available schedule...
Best,
-Hong