Lpc2000

After reading many posts in the forum, I would like to ask you a 
couple of questions that would help me and I think others too.

My goal:
*Upgrade the LPC2124 firmware after selling the device. I think this 
is called in field.
*Have any kind of security with respect to the file I will send to 
my clients in order to protect my code (encryption?).

The possibilities I imagine are:

1) I use the Philips LPC2000 Flash utility, or the lpc21isp program 
to load the new firmware.
Questions:
1-a) Isn't it unsafe from the code protection point of view? I think 
the file I send to the client can be converted back to code and 
someone else could use it for his/her benefit.


2) I could divide my code in two parts, one that would never be 
cleared, and the other with the part to upgrade in the future. The 
first part could have an algorithm to open and understand the 
encrypted firmware upgrade file. 
The procedure could be: The upgradeable part could include a code to 
let the user ask for a firmware upgrade. Upon this event, this code 
transfers the control of the processor to the fixed part, which 
starts the firmware upgrade process. Once finished, the fixed part 
jumps to the start of the new firmware memory block, and the "NEW" 
equipment would be ready to work.
Questions:
2-a) Is it possible to generate a code that stores part of the 
program starting on a specific memory address? How is that done? I 
though in writing the new code starting in a fixed address, but I 
need all the new code continuous in memory to write it properly and 
in empty locations.
2-b) Can I clear part of the flash memory by Bytes, blocks, etc?
How do you perform it?
2-b) How could the former procedure be done? I think the user could 
start the firmware upgrade process, and the LPC2124 could read the 
new code from a flash card or serially. What would be easier and 
safer?
2-c) Can I disable the debugging interface to avoid someone reading 
my first part of code? I understood that when the JTAG is disabled 
no one can reads the memory with "normal" approaches.



3) I code my own boot-loader with unencryption capabilities.
Questions:
3-a) Any idea on this topic? I have no idea about it, but I read it 
is a good solution. 
Is there any sample program, AN, paper, etc, to help me here?

I wait anxiously for replies.

Maria

I havn't done it on the LPC2100 chips. But I did what you said in 2) 
in my designs with MSP430. I wrote a bootloader routine which was 
loaded at factory. The real application is re-encoded and re-formated
in a mine-only special way to prevent tampering. Then, I wrote a 
piece of Window program which I put on our website. The customer 
would download the window program to upload the new firmware I email 
to him, if firmware upgrade is warranted. It works great. 
I figure it should work on this ARM chip, as long as the linker 
allows you to assign where each memory section will be allocated.
 
Lei

--- In lpc2000@yahoogroups.com, "penaso_maria" <penaso_maria@y...> 
wrote:
> 
> After reading many posts in the forum, I would like to ask you a 
> couple of questions that would help me and I think others too.
> 
> My goal:
> *Upgrade the LPC2124 firmware after selling the device. I think 
this 
> is called in field.
> *Have any kind of security with respect to the file I will send to 
> my clients in order to protect my code (encryption?).
> 
> The possibilities I imagine are:
> 
> 1) I use the Philips LPC2000 Flash utility, or the lpc21isp 
program 
> to load the new firmware.
> Questions:
> 1-a) Isn't it unsafe from the code protection point of view? I 
think 
> the file I send to the client can be converted back to code and 
> someone else could use it for his/her benefit.
> 
> 
> 2) I could divide my code in two parts, one that would never be 
> cleared, and the other with the part to upgrade in the future. The 
> first part could have an algorithm to open and understand the 
> encrypted firmware upgrade file. 
> The procedure could be: The upgradeable part could include a code 
to 
> let the user ask for a firmware upgrade. Upon this event, this 
code 
> transfers the control of the processor to the fixed part, which 
> starts the firmware upgrade process. Once finished, the fixed part 
> jumps to the start of the new firmware memory block, and the "NEW" 
> equipment would be ready to work.
> Questions:
> 2-a) Is it possible to generate a code that stores part of the 
> program starting on a specific memory address? How is that done? I 
> though in writing the new code starting in a fixed address, but I 
> need all the new code continuous in memory to write it properly 
and 
> in empty locations.
> 2-b) Can I clear part of the flash memory by Bytes, blocks, etc?
> How do you perform it?
> 2-b) How could the former procedure be done? I think the user 
could 
> start the firmware upgrade process, and the LPC2124 could read the 
> new code from a flash card or serially. What would be easier and 
> safer?
> 2-c) Can I disable the debugging interface to avoid someone 
reading 
> my first part of code? I understood that when the JTAG is disabled 
> no one can reads the memory with "normal" approaches.
> 
> 
> 
> 3) I code my own boot-loader with unencryption capabilities.
> Questions:
> 3-a) Any idea on this topic? I have no idea about it, but I read 
it 

> is a good solution. 
> Is there any sample program, AN, paper, etc, to help me here?
> 
> I wait anxiously for replies.
> 
> Maria