User Manual

Apollo3 Blue Datasheet
DS-A3-0p9p1 Page 174 of 909 2019 Ambiq Micro, Inc.
All rights reserved.
4.3 Secure OTA
Apollo3 Blue MCU supports secure OTA leveraging the Ambiq secure boot loader. Customers can update
any firmware component securely as directed via the security policy configuration in OTP.
The basic flow is shown in Figure 10.
Figure 10. Secure OTA Flow
4.4 Secure Key Storage
Key Storage is managed in hardware and provides secure access to keys as needed to support secure
boot as well as any other runtime security operation. A customer key bank is provided and can be
provisioned and allocated as required to support various configurations.
It may also be necessary to initiate key revocation in the event a particular key is compromised, stale, or
in need of a refresh. The Apollo3 Blue MCU provides key revocation for customer key bank keys as
needed. The number of key revocations supported depends on the length of keys required and the
partitioning/allocation of the key bank.
4.5 External Flash Inline Encrypt/Decrypt
External flash is supported on Apollo3 Blue MCU via the MSPI controller interface. The MSPI controller
supports inline encrypt/decrypt to enable customers to securely store firmware or any other secure image
data in external flash without concern of the firmware/data confidentiality being compromised.
[Figure 10 flowchart labels: Initiate OTA; Additional OTA Updates? (no / yes); Download Secure Blob(s); Error; Register OTA Downloads with Secure OTA Installer; Secure OTA Verification/Decryption/Installation; Initiate Secure Boot with New Image]