Post Go back to editing

About the rewriting of firmware via UART(ADuCM3027)

In ADuCM 3027, application notes describe that rewriting of firmware is possible via UART,
After rewriting, the program broke at boot. It ceased to recognize J-LINK.
It may be caused by not being able to rewrite page 0.


Can ADuCM 3027 update the program on its own?
If you have a good sample program please show it to us.

  • Hi ,

    Yes, to provide some background, the ADI kernel that comes pre-programmed in the ADuCM3027/ADuCM3029 supports UART bootloader option for in field updates to the user application through the UART port. The kernel and UART bootloader are described in detail in the "USING THE ADuCM3029/ADuCM3027 PROCESSOR BOOT KERNEL" chapter of ADI user guide: UG-1091. Towards the end of this chapter, the user guide also describes how to use a utility like the Cross Core Serial Flash Programmer (CCSFP) to update the user application code via UART interface (see snapshot below for an example).

    Notes on security

    As such, no change would be required in the user application code for using the UART bootloader feature. However, it is important to consider certain aspects related to security. 

    The kernel in ADuCM3027/ADuCM3029 implements a secure boot scheme in order to provide configurable user code security and integrity. This secure boot scheme utilizes certain user defined parameters in a region of the first page (page 0) of the flash memory. Developers need to exercise caution when overwriting this region of page 0. As an example, page 0 address space 0x180 to 0x18F (16-byte field) corresponds to a read protection key hash. If this field is left at its default value of all 1s (i.e., all bits high), then the kernel understands that no read protection is desired and the SW-DAP interface is automatically enabled during boot. However, if this field is programmed with a non-default value (i.e., some bits are not high), then the kernel will enforce read protection, by disabling SW-DAP interface. In this scenario, the user would be expected to submit the read protection key along with an SSL (Secondary Stage Loader) for updating the user application code using the UART bootloader. Refer Table 4. and accompanying description in the "USING THE ADuCM3029/ADuCM3027 PROCESSOR BOOT KERNEL" chapter of UG-1091 for a complete list of security parameters in flash page 0. See snapshot below.

    If you use the default linker file in ADuCM3027/ADuCM3029 example projects along with the system_ADuCM4050.c file when building your project, you wouldn't normally have to worry about overwriting security parameters. In such a case, you would be able to use the UART bootloader, by simply placing the MCU in to boot mode (hold Boot pin low while SYS_HWRST pin is asserted). And then using a utility like Cross Core Serial Flash Programmer to update the user application code.

    However, if you are using a custom linker file - then do consider the locations of the security parameters so that the user application code does not overwrite the security parameter values. If you do find that the SW-DAP interface has been locked (and you are unable to use JLINK), please try performing a mass erase. For this, you could put the MCU in to boot mode and use the CCSFP utility to perform a mass erase. See snapshot below for an example.

    Best Regards,


  • This question has been assumed as answered either offline via email or with a multi-part answer. This question has now been closed out. If you have an inquiry related to this topic please post a new question in the applicable product forum.

    Thank you,
    EZ Admin