The QorIQ Trust Architecture 2.1 (also known as Trust 2.1) is a specialized security framework for NXP's QorIQ SoCs, such as the T-series and LS-series. It provides a Hardware Root of Trust through features like Secure Boot, cryptographic acceleration, and tamper detection.
Because this architecture involves sensitive security implementations, the official 2.1 User Guide is generally non-public and requires a Non-Disclosure Agreement (NDA) with NXP to access. Core Components of Trust Architecture 2.1
Based on technical specifications and previous versions, Trust 2.1 typically includes:
Secure Boot (ISBC/ESBC): Uses an Internal Secure Boot Code (ISBC) stored in ROM to validate the initial bootloader using RSA digital signatures.
Security Fuse Processor (SFP): A block of Write-Once-Read-Many (WORM) fuses that store the Super Root Key (SRK) hash and "Intent to Secure" bits.
Cryptographic Acceleration (SEC): Hardware offloading for encryption (AES, 3DES), hashing (SHA-256/512), and public-key operations (RSA, ECC).
TrustZone Integration: Support for Arm TrustZone or similar hardware partitioning to separate secure and non-secure execution environments.
Secure Storage: Management of "Black Keys" (encrypted keys) that are only decrypted within hardware for runtime use, preventing exposure to external memory. Typical Secure Boot Flow qoriq trust architecture 2.1 user guide
Pre-Boot: The device checks the Intent to Secure (ITS) fuse. If set, the Internal Boot ROM takes control.
Validation: The ISBC reads the developer's public key from external memory, hashes it, and compares it against the SRK hash in the on-chip fuses.
Authentication: The ISBC uses the validated public key to verify the digital signature of the next stage (e.g., U-Boot or TF-A).
Execution: If the signature matches, the code is executed; otherwise, the device enters a "Secure Check Fail" state and stops. Accessing Documentation
To obtain the full Trust Architecture 2.1 User Guide, you must: Visit the NXP QorIQ Community to request access. Contact your local NXP field applications engineer (FAE).
Sign a standard NDA to download the document from the secure NXP DocStore. INTRODUCTION TO QORIQ TRUST ARCHITECTURE
The QorIQ Trust Architecture 2.1 User Guide is a specialized technical document from NXP (formerly Freescale) that provides instructions for implementing hardware-based security features like Secure Boot on QorIQ processors. Availability and Access The QorIQ Trust Architecture 2
The full User Guide is typically not public and often requires a Non-Disclosure Agreement (NDA) with NXP to access. You can request it through the NXP Community or by contacting your NXP representative directly. Key Components of Trust Architecture 2.1
Based on associated documentation and public summaries, this architecture version includes:
Secure Boot: Ensures only authenticated, OEM-signed code executes by verifying digital signatures during the boot cycle.
Chain of Trust: A multi-stage verification process starting from a hardware root of trust (Internal Secure Boot Code).
Fuse Management (SFP): Use of the Security Fuse Processor (SFP) to store permanent system secrets, such as the Intent to Secure (ITS) bit and the Super Root Key Hash (SRKH).
Security Monitor (SecMon): Hardware that monitors the system state and manages transitions between secure and non-secure modes.
Trusted Manufacturing: Specialized processes (detailed in Section 5.5 of version 2.1) for securely provisioning devices during production. Implementing Secure Boot (Standard Flow) Implementation generally follows two phases: Example: # On target =>
Development Phase: Secure boot is enabled via software flags (e.g., RCW[SB_EN] = 1) without permanently blowing fuses, allowing for testing and debugging.
Production Phase: The ITS bit in the SFP is permanently "blown" to lock the system into a secure state, after which it will only boot signed code. Relevant Resources
Reference Manuals: Specific processor manuals (e.g., LS1012A or T2080) often point to the Trust Architecture guide for security-specific register details.
Training and White Papers: High-level overviews can be found in NXP's Secure Boot White Paper and training presentations on QorIQ Trust Features.
The QorIQ Trust Architecture 2.1 (often associated with NXP Power Architecture processors like the T-series and LS-series) is a robust security framework designed to establish a "Root of Trust" in embedded networking and aerospace/defense systems.
When reading the User Guide, you will encounter a complex ecosystem of hardware and software components. Here are the most interesting and critical features explained:
get_debug_challenge.Example:
# On target
=> get_debug_challenge
Challenge: 0xABCD1234...
Part 1: Core Concepts of TA 2.1
Before touching registers or keys, you must understand three pillars of TA 2.1:
1.1 The Security Fuse Box (SFB)
A one-time programmable (OTP) memory array inside the SoC. It holds:
- SRK Hash (Super Root Key Hash): A SHA-256 hash of up to 4 public keys.
- OEMUID: Unique identifier for the manufacturer.
- Lifecycle state (e.g., OEM Closed, Secure Closed).