From this document (http://www.xmos.com/safeguard-ip-and-de ... ?support=1) I came to know about XMOS code protection. But still now I have lots of confusion. Actually I need to know for enabling code protection if any one do some mistake then what will happed? The chip will be unused or the same can be reused. Actually I have only one L1 board and I afraid to do the code protection experiment. If my board becomes unused my R&D will be stopped. So before going for this I want to clear all the confusion first.Now my question is:
In case of XMOS L1 controller if security bit of the AES module is programmed with proper authentication and description key after encrypted image is burned on external flash then how the chip can be re-used for different image with code protection security active?
Secure boot procedure
1. The device loads the primary bootloader from its ROM, which detects that the secure boot bit is set in the OTP and then loads and executes the AES Module from OTP.
My question:
What is primary bootloader? Is it user build or pre loaded during fabrication of the chip.
2. The AES Module loads the flash loader into RAM over SPI.
3. The AES Module authenticates the flash loader using the CMAC-AES-128 algorithm and the 128-bit authentication key. If authentication fails, boot is halted.
4. The AES Module places the authentication key and decryption key in registers and jumps to the flash loader.
Develop with the AES module enabledMy question:
What is flash loader? Is it user build or it is build by XMOS programming tools?
We can activate the AES Module at any time during development or device manufacture. In a development environment, you can activate the module but leave the security bits unset, enabling:
• XFLASH to use the device to load programs onto flash memory,
• XGDB to debug programs running on the device, and
• XBURN to later write additional OTP bits to protect the device.
To program the AES Module into the XMOS device we have to give the following commands on XMOS command prompt.My question:
If the security is unset then what is the purpose to activate the AES Module as we leave the security bit unset?
1) xburn –genkey keyfile
2) xburn –l
3) xburn –id ID –lock keyfile –target-file target.xn –enable-jtag –disable-master-lock
To encrypt the program and write it to flash memory, the command needs to be entered
xflash –id ID bin.xe –key keyfile
To protect the XMOS device, preventing any further development, enter the command:
xburn –id ID –target-file target.xn –disable-jtag –lock keyfile
Thanks & RegardsMy question:
After preventing the XMOS chip with protection active if any one want to change the code, then how he will burn the new code?
Jags