2019-04-03 05:34 AM
Hello,
In secured boot getting started it is said:
"Download the SB SFU project software to the target without starting a debug session
(Security protections managed by SBSFU forbid JTAG connection as it is interpreted as an
external attack)"
Does it mean it should be done using IAR:
Project->Download->Downloading File ?
Isn't it still using JTAG even if it is not yet debug ?
Thanks,
ranran
Solved! Go to Solution.
2019-04-03 07:50 AM
Section 6.1 prepares the chip by disabling all protection. In section 6.2, you do the initial download of the SBSFU code. This is done via JTAG, but has to be done using a "run program" type command (I'm not familiar with the Keil debug interface) instead of "debug program". The "run program" will load the program into FLASH using JTAG and then disconnect from the JTAG port. When the CPU starts running the SBSFU code it sets/enables all of the various protection levels which includes disabling the JTAG interface.
If you load it using a "debug program" type of command, it would have loaded the software just fine. But then if you tried to run it, the debugger would be disconnected when the protection features were enabled by the bootloader.
2019-04-03 05:43 AM
No, sounds like it wants you to deliver the update to the device the way a customer in the field would. For example pull it from a FOTA FTP server, or off a USB stick.
2019-04-03 06:12 AM
Hi,
It is described here in page 33 , section 6.2 :
https://www.st.com/resource/en/user_manual/dm00414687.pdf
There is no details how this should be achieved.
Yet, I understand from "download without debug" that IAR can be used for this using Project->Download->Downloading File ...
Why do you think this is not what they mean here ? Thanks
2019-04-03 07:50 AM
Section 6.1 prepares the chip by disabling all protection. In section 6.2, you do the initial download of the SBSFU code. This is done via JTAG, but has to be done using a "run program" type command (I'm not familiar with the Keil debug interface) instead of "debug program". The "run program" will load the program into FLASH using JTAG and then disconnect from the JTAG port. When the CPU starts running the SBSFU code it sets/enables all of the various protection levels which includes disabling the JTAG interface.
If you load it using a "debug program" type of command, it would have loaded the software just fine. But then if you tried to run it, the debugger would be disconnected when the protection features were enabled by the bootloader.