PEmicro Blog

PEmicro adds iMXRT117x and LPC55Sxx PRINCE to Secure Boot Utility

PEmicro's Secure Boot Utility is now updated to support NXP's iMXRT117x devices and PRINCE encryption for LPC55Sxx devices. The Secure Boot Utility greatly simplifies the steps needed to enable security on NXP's iMX and LPC55Sxx processors, including certificate generation, signing of the user application, and setting the necessary non-volatile security settings in flash memory.

What is Secure Boot?

Protecting embedded systems from attacks continues to be a major concern for developers. In response, silicon manufacturers such as NXP are continuously adding new security mechanisms to guard against more sophisticated attacks. For more information about NXP secure boot, please see our detailed posts for Secure Boot for iMXRT and Secure Boot for LPC55Sxx.

New iMXRT117x Support

Similar to its iMXRT10xx counterparts, NXP's iMXRT117x processors support both signed and OTFAD encrypted images. PEmicro's Secure Boot Utility handles all steps to enable these images, including signing of the user application before programming to flash and all of the necessary fuse settings.

LPC55Sxx PRINCE Support

PRINCE images are both signed and encrypted, but the encryption key is generated inside the processor using a special PUF (Physical Unclonable Function) peripheral. This creates unique keys for each processor and the key is never exposed to the outside world. PEmicro's Secure Boot Utility handles the enrollment steps to create and store the PRINCE keys, supports up to three PRINCE regions (each protected with a different PRINCE key), and writes all of the necessary PFR bytes to enable these encrypted images.

Tags related to this Blog Post

Cyclone     Cyclone FX     Multilink     Multilink FX     Prog ACMP     NXP     Production Programming