Hello,
I'm wondering how you tackle the issues for manufacturing companies to prevent overproduction or firmware modification to remove anti-cloning features of the firmware.
For the nRF91 and others, you have an immutable bootloader, which imposes a certification trust on the firmware on the chip. But how do you ensure that the immutable bootloader has not been altered by the manufacturing company to boot other firmware? Do the nRF91 and nRF52 series have some kind of firmware verification feature, such that only signed immutable bootloaders are booted, so the integrity of the immutable bootloader is verified?
Do you plan such a feature for the next-gen nRF9161 and the smaller variant?
Do you provide services to pre-flash your chips and lock them so the manufacturer does not have access to the immutable firmware? Do you have any suggestions on how to get around this problem? We are currently using ECC to place a signature in every chip based on the unique ID of the chip, and the firmware verifies it. This provides us partial protection, but it is not a bulletproof solution.