QorIQ Trust Architecture 2.1 User Guide
You can test Secure Boot using "Development" keys without blowing fuses by using the SoC's override registers.
This unique pairing is often referred to as the QorIQ LS Trust Architecture and merges NXP's security IP with the Arm ecosystem to provide a robust hardware root-of-trust, foundational for the Layerscape Secure Platform.
Monitors tamper detection pins, voltage fluctuations, and software anomalies.
The ISBC reads the ESBC image from external flash. It extracts the SRK table, computes its SHA-256 hash, and compares it to the SRKH value stored in the OTP fuses. If they match, the public key is trusted.

Step 3: Signature Verification
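The SRK-table check above, together with the anti-rollback counter comparison the page describes later, modelled as a small Python example. This is added illustration, not code from the user guide or from NXP; the SRK table bytes, the "fuse" values and the function names are constructed placeholders, and the signature verification step that sits between the two checks on real hardware is not modelled.

```python
import hashlib
import hmac

# Constructed sample SRK table: two fake 16-byte "public keys" concatenated.
# A real SRK table holds RSA public keys; these bytes are placeholders only.
SRK_TABLE = b"SRK0-placeholder" + b"SRK1-placeholder"


def srk_table_hash(srk_table: bytes) -> bytes:
    """SHA-256 over the whole SRK table, as the ISBC computes it at boot."""
    return hashlib.sha256(srk_table).digest()


# Constructed "fuse" contents: the SRKH as it would have been burned at
# provisioning, and a monotonic anti-rollback counter value (placeholder).
FUSE_SRKH = srk_table_hash(SRK_TABLE)
FUSE_ROLLBACK_COUNTER = 5


def srk_table_trusted(srk_table: bytes, fuse_srkh: bytes) -> bool:
    """The table is trusted only if its hash equals the fused SRKH.
    compare_digest avoids leaking the mismatch position through timing."""
    return hmac.compare_digest(srk_table_hash(srk_table), fuse_srkh)


def version_allowed(image_version: int, fuse_counter: int) -> bool:
    """Anti-rollback: an image older than the fused counter is refused,
    even if its signature would otherwise verify."""
    return image_version >= fuse_counter


def boot_decision(srk_table: bytes, fuse_srkh: bytes,
                  image_version: int, fuse_counter: int) -> str:
    """Key trust is established first, then the rollback counter is checked.
    Signature verification (step 3) would run between them on real hardware."""
    if not srk_table_trusted(srk_table, fuse_srkh):
        return "halt: SRK table hash does not match SRKH fuses"
    if not version_allowed(image_version, fuse_counter):
        return "halt: image version below anti-rollback counter"
    return "boot: ESBC accepted"


if __name__ == "__main__":
    # Untouched table, current version: accepted.
    print(boot_decision(SRK_TABLE, FUSE_SRKH, 5, FUSE_ROLLBACK_COUNTER))
    # Table modified by a single byte: SRKH mismatch, ISBC halts.
    print(boot_decision(SRK_TABLE + b"\x00", FUSE_SRKH, 5, FUSE_ROLLBACK_COUNTER))
    # Valid keys but an older image version: refused by the counter.
    print(boot_decision(SRK_TABLE, FUSE_SRKH, 4, FUSE_ROLLBACK_COUNTER))
```

Running the block prints one accepted boot followed by the two halt reasons. The point worth noticing is that the counter check is independent of key trust: a signed image from a trusted key is still rejected once the fused counter has moved past its version.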
When reading the User Guide, you will encounter a complex ecosystem of hardware and software components. Here are the most interesting and critical features explained:
The ISBC found a correct signature but the ESBC overwrote security vectors. Fix: Rebuild U-Boot with CONFIG_SECURE_BOOT=y and CONFIG_SYS_LOAD_ADDR set to a non-overlapping region.
"When this chip powered up, the hardware-enforced Root of Trust started executing code from immutable ROM," Elias explained, his fingers flying over the keyboard to access the low-level console. "The software can lie to us, but it can't lie to the SEC (Security Engine Core). The SE is a separate subsystem. It has its own memory, its own processor. It's a computer inside a computer, and the main OS can't touch it."
The following example illustrates the secure boot execution flow for a typical Chain of Trust setup on a Layerscape platform:
If you're new to QorIQ security, read Chapter 3 (Boot Flow) first, then skip to Appendix A (Lifecycle states), and only deep-dive into registers later.
Hardware-based counters in the OTP fuses prevent rollback attacks. If a security vulnerability is patched in a new software version, the monotonic counter increments. The system will refuse to boot older, vulnerable software versions even if they have valid signatures.

Tamper Detection and Response