• State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 67 subscribers
  • Views 1560 views
  • Users 0 members are here
Attachments (3) Download All
Nordic Case Info
  • Case ID: 278638
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Custom Board with nRF Connect for VS Code - secure and non-secure application on nRF9160 SiP

Casper Kronborg Pedersen

Hi DevZone,

1. Description:

I am going to use the nRF9160 SiP in a project on a custom PCB which will house the (LN60G840F, which has an nRF9160 on it). The application will include LTE-M and GPS. I think this means that I must:

  • Create a new custom board for the project build configuration to avoid relying on the nrf9160DK board files, and only the SoC/SiP specific files.
  • Create a partition of the application running as Secure, and another running as Non Secure to allow communication with the LTE-M.

I found this guide, which I have read:

https://devzone.nordicsemi.com/nordic/nrf-connect-sdk-guides/b/getting-started/posts/nrf-connect-sdk-tutorial---part-2-ncs-v1-4-0

The image below is from the guide, and it explains how the device tree is made for the nRF9160DK. I need to create my own files corresponding to what is in the blue part of the image. However, I am having a hard time figuring out what I am doing wrong.

2. My three Build configurations with build logs

I have created a project with 3 different build configurations. The custom boards are created with the "Create a new board" wizard:

  1. nRf9160dk_nrf9160ns
  2. Custom board depending on nRF9160 secure
  3. Custom board depending on nRF9160 non-secure

 - Configuration 1, builds just fine, but is relying on the development kit files.

 - Configuration 2, can only build if I do not use any functions that handle memory such as k_malloc(), and I believe that I will not be able to use the LTE-M with that configuration.

 - Configuration 3, which is the one I need, will not build.

I have included the build logs here:
build_logs_conf_1_2_3.zip

I am especially noticing Line 37: “Changed board to secure nrf9160dk_nrf9160 (NOT NS)” which is written only when building based on the nRF9160DK in the non-secure configuration (Configuration 1). Somehow the development kit build can access both secure and not secure boards, but this does not happen with the custom board. 

Also, when when building Configuration 3, it fails mainly in the validate_base_addresses.c file with the macros BUILD_ASSERT and CHECK_DT_REG

3. Custom Board dependent on the nRF9160 non-secure:

I am thinking this has to do with missing memory partition management from my side which I am assuming is part of the Device Tree. The settings for this could be in the board specific files in the generated “boards” folder which are dts, .yaml, Kconfig files, defconfig, and board.cmake. These are included here:

Fanstel_ln60g840f_ns_id.zip

Thank you in advance for your help,

Br. Casper

  • 0

    I am having (what seems to be) an identical issue with my own custom board project.

    I have attached my own log files as there are some minor differences, and my support information.

    I would be happy to provide the rest my files if needed or requested, but would need to do so in a private ticket.

    7268.Logs.zip

    note: I have tried to use my custom board files to build both a fairly complex cellular IOT system and a simple SPI loopback system and the logs were virtually identical for both builds. I could build the secure system fine, but when I set it to build non-secure, it would not work.

  • 0

    Hi Casper and Jeremy,

    The Custom boards section on the NCS document provides more information about how to add your custom boards for details.

    I suggest you use nrf9160dk as the template for your custom board, you can start with adding modifications to the overlay file to verify if it works, and finally add the modifications to your custom board. zephyr.dts in the build folder is used by the final firmware file.

    Best regards,

    Charlie

  • 0 in reply to Charlie

    Hi Charlie,

    Thank you for the link. However, I was not able to find any specific information about the Secure vs. Non-Secure build for boards there.

    Instead, looking directly in the nRF Connect SDK under my local path to the SDK I have found the specifics for the nRF9160DK:

     - C:\nRFConnectSDK\v1.7.0\zephyr\boards\arm\nrf9160dk_nrf9160

    It seems that a separate Device Tree file including .dts, .yaml, and defconfig files have been created for a Secure and Non-Secure version of the nRF9160DK, as well as files that are common for them. The image below shows what I am talking about:

    I have mirrored this setup for my custom board by creating a secure and a non-secure board with the wizard and then manually merging them to look like what is in the nRF Connect SDK for the nRF9160DK while excluding any development kit specific features and overlays.

    The files that I think are "merging" the boards are here, but I am not sure.:

    • Kconfig.board
    • Kconfig.defconfig

    Questions:

    1. Can you confirm if it is in the Kconfig files that the build is allowed to see both boards?

    2. Is this the proper way to define a Non-Secure board, or should I go about it in another way?

    Comment:

    I do not think it is very clear anywhere else but in the SDK files directly that when you need a Non-Secure board, you actually need to define a Secure as well as a Non-Secure board to make it work. Also, maybe when creating a board with the included wizard in the VS Code nRF Connect extension it should be created in a configuration that allows a Non-Secure application to run on it? Please excuse my question if it is not possible/a good idea because of something I do not understand yet.

    How I have been using it:

    To build with this board in a Non-Secure application you need to select the board id for the Non-Secure device tree just like when you are using the nRF9160DK. By doing this I can see in my build log that it is "swapping" between the Secure and Non-Secure boards similarly to building with the nRF9160DK_ns as the selected board.

    Thank you in advance for your help,

    Br. Casper

  • +1 in reply to Casper Kronborg Pedersen

    Hi Casper,

    I spend some time testing the custom board today and following the Walkthrough guidance, I can successfully build with "west build -b custom91boad_nrf9160_ns" for several exiting nrf9160dk samples. The default Secure Partition Manager sample sub-image is used almost by all the existing non-secure samples, so you do not need to struggle with creating non-secure board settings, just copy and use the one from nRF9160dk. 

    Some useful information about the secure domain managed by SPM:

    Application MCU

    Secure Partition Manager Sample

    Secure Partition Manager (SPM) Library

    Best regards,

    Charlie

  • 0 in reply to Charlie

    Hi Charlie,

    Thank you for replying.

    Somehow I missed Part 3 of the Walkthrough during my first read of it...

    What I have done without using the Walkthrough is basically what is Described in 2.2 in Part 3, but just using the Create Board Wizard provided by the nRF Connect extension for VS Code to create a Secure and Non-Secure version of the custom board and then manually merging them to resemble the files for the nRF9160DK in nRF Connect SDK v1.7.0.

    Charlie said:
    I spend some time testing the custom board today and following the Walkthrough guidance, I can successfully build with "west build -b custom91boad_nrf9160_ns" for several exiting nrf9160dk samples.

    It is nice that the Walkthrough explains that you should copy and modify an existing sample when creating a Non-Secure board instead of creating a fresh one. But, what threw me off was that if you create a Non-Secure board directly with the Create Board Wizard, then what is generated does not run Non-Secure applications because it does not resemble the samples located in nRF Connect SDK. Anyway, I should have double checked and read the Walkthrough provided by Nordic again.

    Thank you very much for your help.

    Br. Casper

Related