The QorIQ Trust Architecture 2.1 is more than just a set of features; it is a holistic security philosophy. By integrating trust into the silicon itself, NXP provides developers with the tools to build resilient systems that can defend against the increasingly complex landscape of modern cyber threats. flow or look at how OTPMK (One-Time Programmable Master Keys) are fused?
Never expose private keys. Use a Hardware Security Module (HSM) for signing in production.
The Qoriq Trust Architecture 2.1 is an evolution of the trust architecture designed to enhance security features for embedded systems. It provides a comprehensive framework that includes:
A valid alternate image inherits the same rights and privileges as a valid primary image, ensuring high availability and system security. 2.3. Anti-Cloning Mitigation qoriq trust architecture 21 user guide
The official "QorIQ Trust Architecture User Guide" for version 2.1 is a detailed technical resource that is only available under a Non-Disclosure Agreement (NDA) from NXP. To obtain it, developers must contact their local NXP sales representative or field applications engineer (FAE).
: Blow the security configuration fuses to close debugging ports (JTAG) and lock down the chip. Run-Time Security Features
: Permanently burn the public key hashes and disable development features (like unauthenticated JTAG) on production units. The QorIQ Trust Architecture 2
Once validated, the first-stage bootloader (e.g., U-Boot) takes over.
: Offloads public and symmetric key cryptography from the main CPU cores.
Transition the device from "Non-Secure" to "Secure" mode to enforce signature checking at every power-on reset. Operational States Never expose private keys
The NXP QorIQ Trust Architecture 2.1 (TA 2.1) is a hardware-based security framework integrated into NXP’s Layerscape and QorIQ processors. It provides a robust, silicon-level foundation to protect embedded systems from physical and logical attacks.
: Trust Architecture 2.1 supports key revocation. If one of your private production keys is compromised, you can program a fuse to invalidate that specific key index, forcing the system to rely on alternative keys in your SRK table.
Keep the private key strictly protected on a secure build server or Hardware Security Module (HSM). Phase 2: Creating the Boot Images