The SRK is not a single key but a table of up to 4 public keys. You generate 4 key pairs: SRK1, SRK2, SRK3, SRK4.
For developers looking to implement these features, NXP provides several tools: qoriq trust architecture 2.1 user guide
Version 2.1 of the Trust Architecture represents a significant evolution, primarily driven by the integration of the ARM ecosystem into the QorIQ LS series processors. The primary differences between Trust Architecture 2.1 and previous versions are: The SRK is not a single key but
Note: For details, see "Section 5.5 Trusted Manufacturing Process" in the QorIQ Trust Architecture 2.1 User Guide, which outlines the precise sequence to prevent bricking the device. 4. Tamper Detection and Anti-Cloning The primary differences between Trust Architecture 2
The SNVS block monitors internal sensors and external pins for anomalous conditions indicative of a physical attack:
Secure Boot allows the system to "encapsulate" sensitive data into "blobs." These are encrypted using a device-unique key that never leaves the hardware. A blob created on one chip cannot be decrypted on another.
../cst --sign-esbc --in u-boot.bin --out u-boot-signed.bin --key srk1_4096.pem --sec-fw