• State Not Answered
  • Replies 3 replies
  • Subscribers 63 subscribers
  • Views 97 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 325735
Options

Firmware version and downgrade protection

SirBuhi

Hi there,

I'm currently working on the firmware versioning and the downgrade protection for an nRF5340 with NCS 2.6.0.

The firmware consists of:

App Core
|-- build
|-- McuBoot
|-- TFM
--- B0

Net Core
|-- HCI_IPC
--- B0n

I currently have a specific prj.conf file for the main application, the McuBoot and the HCI_IPC.

The version number is set in the "Version" file according to Zephyr.

The main prj.conf file has the following enabled:

# Downgrade Protection
CONFIG_SB_MONOTONIC_COUNTER=y
CONFIG_SB_NUM_VER_COUNTER_SLOTS=20
CONFIG_MCUBOOT_HARDWARE_DOWNGRADE_PREVENTION=y
CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION_COUNTER_SLOTS=240
CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION_COUNTER_VALUE=1

I far as I understand from here, these are the only settings I have to take, in order that the downgrade prevention is active and they should be passed on to the sub-images like B0 and McuBoot.

However, I can up- and downgrade with the application "Device Manager" and "nRF Connect" for Android as much as I want without any protection.

Is there something else to consider?

Kind regards,

Patrick

  • 0

    Hi Patrick,

    Did you test with different firmware versions by setting the application frirmware version as desribed here and the MCUBoot veersion by adjusting CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION_COUNTER_VALUE? And if you do, is it MCUboot downgrade protection that does not seem to work or application downgrade prevention? Can you elaborate on how you test?

  • 0 in reply to Einar Thorsrud

    Dear Einar,

    I defined the application firmware version with the VERSION file to lets say 9.8.7. Built the firmware and flashed it to the nRF5340.

    I then reduced the number of the version to lets say 8.8.7 as well as a change in a blinky timer (for visual testing) and built the firmware. Loaded the app_update.bin to the smartphone and performed a DFU with either the "Device Manager" or "nRF Connect" application.

    The same test was performed with setting the CONFIG_MCUBOOT_IMGTOOL_SIGN_VERSION to similar values as described above.

    Other settings in the prj.conf were not changed.

    Loading the new application with a lower version number and booting from it was possible, without any issue. Same as loading and booting the higher version again.

    In regards to the CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION_COUNTER_VALUE, do I understand that correctly, that the value defines the version number of the McuBoot?

    Kind regards,

    Patrick

  • 0 in reply to SirBuhi

    Hi Patrick.

    I don't see any issues in this description, but the feature should work and I have not seen any other reports of problems with downgrade protection. Can you upload a project you use to test along with exact instructions for each step you take so that I can attempt to reproudce on my end?

    Br,

    Einar

Related