2. Secure Boot Overview

2.1. System Architecture

The DA14682/DA14683 sources its running firmware from an external QSPI Flash device as shown in Fig. 1.


Fig. 1 Secure Boot Overview

This architecture has several advantages for building a power efficient IoT device but it also introduces some challenges relating to security:

  • the external QSPI could be replaced
  • the external QSPI content could be modified

These challenges are addressed by the secure boot architecture.

2.2. Secure Boot Architecture

This section assumes the reader is already familiar with the secure boot architecture and the boot procedure of the DA14682/DA14683. If you are not familiar, or you need a refresher, a good introduction is the System Overview section of the Datasheet, in particular the BootROM Sequence and Security subsections.

The secure boot strategy is built on two main blocks; the Secure Key Area and the Secure Boot Loader (SBL).

The Secure Key Area is a specific OTP area that stores the symmetric keys used to validate the firmware image during the boot procedure. Symmetric keys must remain private to ensure security. The Symmetric Keys Area (SKA) subsection (in the Security section) of the Datasheet explains how this area is designed to store those keys

The SBL is an additional boot loader which is written in the DA14682/DA14683 OTP memory. The SBL is in charge of the following tasks as described in Fig. 2:

  • Check the device integrity. Verify the OTP content (that is the SBL itself) has not been altered, see Fig. 3.
  • Perform pending firmware upgrades, which include validation of the firmware, see Fig. 4.
  • Launch the execution of the application firmware when it’s safe to do so.

Fig. 2 Secure Main FSM

In order to ensure the secure boot CRC has not been altered, it is stored along with its bit inverted value. The properties of the OTP (bits can only be toggled from 0 to 1) make it impossible to alter the CRC and keep consistent with its inverted value.


Fig. 3 Secure Boot Loader Integrity Check


Fig. 4 Secure Boot Firmware Validataion