
Programming of NXP i.MX RT10xx devices with Secure Boot

The Cyclone production programmers from PEmicro make programming NXP i.MX RT10xx devices with Secure Boot enabled straightforward and secure. The Secure Boot Utility supplied with the programmer handles signing and encrypting the i.MX RT10xx application as well as the details of configuring and locking the device's security features. The programmer supports a very fast Secure JTAG connection to the target i.MX device.

PEmicro's production programming images are heavily encoded and optionally cryptographically secured, so that the user's firmware files, encryption keys, fuse settings and passwords are protected from the moment the image is generated through the manufacturing process. Programming images can be restricted for use on specific Cyclone units, within fixed date ranges and for a limited number of programming operations.

Learn more about the i.MX security features and watch a demonstration of how to create a secure i.MX RT10xx programming image.

Creating a Secure Boot Programming Image for i.MX RT1011

The following video shows how to use the Image Creation Utility in conjunction with the built-in Secure Boot Utility to generate a stand-alone programming image that secures an NXP i.MX RT1011 processor:


Overview of relevant i.MX security features

1. Run only signed firmware

The i.MX RT series supports a secure boot process that only allows application code signed with specific certificates to run. In general, you generate a group of four signing certificates once, which are stored in a PEKeyFile collection. If you program the hash of these certificates into the fuses of an i.MX RT device along with the other appropriate settings, the i.MX device will only start code that is signed with one of these certificates.

This function allows you to program an i.MX device during production so that only the application code you have signed is started. This can be used to prevent malicious, unauthorized, or corrupted code from running in your product.

The original certificates are not programmed into the device's fuses and therefore remain in your private custody. Only the hash values of the certificates are programmed into the fuses, and only the public part of the certificate is contained in your application.

A PEKeyFile collection contains the set of four signing certificates and can be linked to any number of Secure Boot projects.


2. Encryption of the application firmware

In addition to signing the code, there is an option to also encrypt the application code. The application code is stored encrypted in internal or external memory. In most cases the processor runs directly from the encrypted storage, a mode called Execute In Place (XIP); decryption is performed on the fly by the on-chip BEE or OTFAD module. Alternatively, the encrypted code can be decrypted at boot time and copied into RAM, provided enough RAM is available. Running the application from RAM can give a moderate performance benefit compared to encrypted XIP. However, if the RAM is external to the processor, its contents can be read out easily.

In general, the user generates an AES key once for a specific product (or product line), which PEmicro calls the "Boot Encryption Key". This key, sometimes combined with additional random keys, is used to encrypt the application code before it is saved for flashing. If the Boot Encryption Key is programmed into the fuses of an i.MX RT device along with the other appropriate settings, the i.MX device can decrypt and execute application code that was encrypted with that same Boot Encryption Key.


An i.MX processor with a Boot Encryption Key programmed into its fuses is not restricted to executing encrypted binaries. The processor can run either signed or signed + encrypted applications.

The advantage of encrypting the user application is that it provides a strong defense against product cloning. If the application is stored unencrypted in external memory, it can be copied, signed (or left unsigned) with a different certificate, and run on a blank i.MX device. Encrypting the application with the Boot Encryption Key prevents this. Without a copy of the Boot Encryption Key, the application code cannot be read, and even if it is copied, another i.MX device will not be able to decrypt it.

A PEKeyFile collection can contain any number of Boot Encryption Keys.

3. Restrict JTAG access with a password

To prevent debug access to the device after production programming, fuses can be set to either disable the debug module or enable Secure JTAG mode. In Secure JTAG mode, the debug / programming hardware must present a password when connecting. Without the correct password, Secure JTAG mode allows neither memory reads or writes nor code access via the debug module.


If the correct password is provided, normal JTAG/SWD mode can be used to debug or reprogram the device.

PEmicro utilities store JTAG passwords together with signing certificates and Boot Encryption Keys in a single PEKeyFile file (.peKeyFile). The PEKeyFile stores one set of four signing certificates and an unlimited number of JTAG passwords and Boot Encryption Keys. Many Secure Boot projects can share the same security elements.

Secure JTAG access to the device after factory programming can be useful for reprogramming the device or troubleshooting it later.

PEmicro recommends either enabling Secure JTAG mode or disabling the JTAG port entirely if security matters. PEmicro's Cyclone programmers and Multilink debug interfaces support Secure JTAG mode.

A PEKeyFile collection can contain any number of i.MX JTAG passwords.

4. Lock sensitive fuses

Some fuses hold confidential values, in particular the fuses that contain the Boot Encryption Key and the JTAG password. One advantage of the PEmicro Cyclone programming solution is that the generated programming images are completely self-contained and encrypted. This means the values of sensitive keys are protected during the manufacturing process and from the people who handle the programming data.

Once the keys are programmed into the target device, it is recommended that you lock them against future reads. If the "Lock Fuses" option is enabled in the Secure Boot Utility, the Cyclone locks the sensitive fuses against reading and writing immediately after programming them. Neither application code running on the device nor access via the debug interfaces can then read the values of these sensitive fuses.


Although signing, encryption and JTAG password protection / deactivation should already prevent these fuses from being read, PEmicro recommends, for defense in depth, permanently restricting access to these sensitive fuses ("locking").

PEmicro's Image Creation and Secure Boot utilities

PEmicro's Image Creation Utility is a graphical user interface that lets a user define all of the inputs required to create a stand-alone programming image. A stand-alone programming (eSAP) image contains all the firmware files, fuse definitions, power settings, debug settings, serialization, algorithms and more that are needed during programming, and is encrypted to protect its contents. The Image Creation Utility generates a configuration file (.CFG) that the SAP Image Compiler uses to build the image.

i.MX RT10xx applications built for production require additional security steps: signing and encrypting the application code and generating all the necessary fuse files, keys, certificates and passwords. PEmicro provides the graphical Secure Boot Utility, which is integrated with the Image Creation Utility to handle these details.


The Secure Boot Utility creates/saves a Secure Boot Project file (.SBP) upon exit, which is later used to create parts of the eSAP image.

Recommended i.MX RT security settings for production

The Secure Boot Utility has two main types of settings that affect the security of the i.MX application: 1) application settings and 2) device settings. Application settings concern signing and encrypting the application code; device settings concern restricting access to chip resources such as JTAG and sensitive fuses. Changing many of these settings changes the security profile of the i.MX RT device. The Secure Boot Utility has a Security Summary tab that analyzes the Secure Boot settings for security weaknesses. PEmicro recommends checking the Security Summary whenever the security settings in the Secure Boot Utility are changed and closing any gaps it reports. The most important settings are:

To ensure that only signed code runs on the target processor, the device should be closed:


To ensure that the programmed code is encrypted and that the target device has the keys required to run encrypted code, the secure boot mode should be set to OTFAD or BEE (which one applies depends on the device):

To lock the sensitive fuses (Boot Encryption Key and JTAG password) against future access, "Lock Fuses" should be set to "Yes":


The JTAG state should be either permanently disabled ("No Debug") or password-protected ("Secure JTAG"):
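The following is an added illustration, not PEmicro's code, of the kind of check the Security Summary tab performs: it models the four recommended settings above as a small settings record and reports which of them is still in a weak state. The field names and the finding texts are assumptions chosen for this example; they are not the utility's own labels.

```python
"""Model of a Secure Boot settings audit (constructed example, not PEmicro's
code).  Flags each setting that this page recommends changing for production."""
from dataclasses import dataclass
from typing import List

ENCRYPTED_MODES = ("OTFAD", "BEE")          # on-the-fly decryption modules
JTAG_MODES = ("Enabled", "Secure JTAG", "No Debug")


@dataclass(frozen=True)
class SecureBootSettings:
    """Assumed field names; they mirror the four settings discussed above."""
    device_closed: bool          # closed -> only signed code boots
    boot_encryption: str         # "None", "OTFAD" or "BEE"
    lock_fuses: bool             # lock Boot Encryption Key / JTAG password fuses
    jtag_mode: str               # one of JTAG_MODES
    jtag_password_set: bool      # a JTAG password exists in the PEKeyFile


def security_summary(s: SecureBootSettings) -> List[str]:
    """Return one finding per weak setting; an empty list means no gaps."""
    if s.jtag_mode not in JTAG_MODES:
        raise ValueError(f"unknown JTAG mode: {s.jtag_mode!r}")
    findings = []
    if not s.device_closed:
        findings.append("device is open: unsigned application code will run")
    if s.boot_encryption not in ENCRYPTED_MODES:
        findings.append("application not encrypted: external flash can be "
                        "copied and re-signed for another device")
    if s.jtag_mode == "Enabled":
        findings.append("JTAG unrestricted: memory readable via debug port")
    elif s.jtag_mode == "Secure JTAG" and not s.jtag_password_set:
        findings.append("Secure JTAG selected but no JTAG password defined")
    if not s.lock_fuses:
        findings.append("sensitive fuses not locked: Boot Encryption Key and "
                        "JTAG password remain readable")
    return findings


if __name__ == "__main__":
    # Constructed development settings versus the recommended production set.
    dev = SecureBootSettings(False, "None", False, "Enabled", False)
    prod = SecureBootSettings(True, "OTFAD", True, "Secure JTAG", True)
    for label, cfg in (("development", dev), ("production", prod)):
        print(f"{label}: {security_summary(cfg) or ['no gaps found']}")
```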

Recommended SAP (Stand-Alone Programming) image encryption for production

A stand-alone programming image can be encrypted when it is created. Even without encryption, the user has no direct access to the contents of the programming image, since all data is heavily encoded and embedded in a single file. Adding a layer of industry-standard cryptography significantly hardens this protective shell. PEmicro recommends encryption in cases where the customer wants to:

1. Limit the programming image to use on specific Cyclone units only. These Cyclone units must be provisioned with the same cryptographic key that was used to encrypt the image.

2. Limit programming to a specific date range or number of programming operations.

3. Make it practically impossible to reverse engineer the contents of the programming image.


When an encrypted image is saved to disk, it has the extension .esap (.sap is the extension for an unencrypted image). The PEmicro utilities and the Cyclone display clearly indicate when an image is encrypted.

Changing secure boot settings in the Image Creation Utility


The Secure Boot Utility is integrated with the Image Creation Utility as follows:


The Link/Create Secure Boot Project button allows you to select or create a Secure Boot project and link it to the current Image Creation configuration. The Edit Secure Boot Project button launches the Secure Boot Utility, in which the user can change the Secure Boot settings. The Delete button unlinks a linked Secure Boot project.

Every time the Secure Boot project is edited via the Image Creation Utility, or the Regenerate Programming Sequence button is clicked, the user can update the programming sequence script in the Image Creation configuration to match the Secure Boot project settings. It is generally recommended to update the programming sequence script, but note that any changes you previously made to it will be lost.

The "Automatically create signed binaries... during the SAP image creation process" check box causes the image creation process to generate the signed or signed + encrypted application from the unsigned application input each time an eSAP image is created, together with a fuse file containing all security options derived from the linked Secure Boot project. In the example above, evkmimxrt1010_iled_blinky_final.srec and evkmimxrt1010_iled_blinky_fuses.OPT are created each time immediately before the eSAP programming image is built.

The creation process for this case can be seen here:


Based on the settings in the Secure Boot project file, the Secure Boot Utility's command-line compiler generates intermediate flash and fuse output files, which the SAP Image Compiler then uses when building the stand-alone programming image. These intermediate files are:


Secured Application File: This is an S-record file containing all of the application data, the tables the boot ROM needs to start the application, and the signatures and hashes required to boot in the selected mode. The source application binary and the specific certificates and keys used to sign and encrypt the application data are specified in the Secure Boot project file.


Aggregated Fuse Configuration File: This is an options (.opt) file that describes the complete set of fuses to be programmed as part of the stand-alone process. It includes any custom fuses in addition to the fuses required to implement the security choices in the Secure Boot project file.

The reference to these files in the programming sequence script of the Image Creation configuration causes the intermediate binaries to be captured in the eSAP programming image and used to program the target processor. In the example above, the signed application file is programmed with the appropriate external flash programming algorithm, and the fuse file is programmed with the i.MX RT1011 OTP (One Time Programmable fuse region) algorithm. Once the script has been imported from the Secure Boot project, it can be modified, which allows fine-grained changes to the programming sequence used in the eSAP image.

Note that these intermediate output files are referenced in the automatically generated programming script imported into the Image Creation configuration:

