4.3.1.1.1 Recovery from the Latest Firmware Version
Secure Firmware Update describes a download partition used to verify and authenticate an incoming image before installation.
The download scratchpad can be used to store the latest revision of firmware restricting. To protect the image as a recovery image, the download scratchpad can be write-protected except when a new download is authorized.
In Figure 4-15, the download partition can serve as a recovery point if the main image is corrupted after installation. With the goal of protecting the recovery image, the download image can be write-protected until an authorization is received to allow a new download. During the recovery installation, the recovery image can be write-protected to reduce the risk of corruption of the recovery image. In a system that implements a download scratchpad and an executable region, any analysis of the corrupted executable image needs to be completed before the installation of the recovery image.
This approach restricts access to the download partition and requires additional logic for granting write access to the download partition in order to meet the requirements for protecting the recovery image in this example.
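The gating logic described above can be modeled as a small state machine. This is an added example, not code from the original text; the structure, function names, image size and sample bytes are hypothetical, and image verification and the authorization decision itself are assumed to happen before `fw_authorize_download` is called.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define IMG_SIZE 16 /* constructed toy image size */
enum fw_status { FW_OK, FW_ERR_WRITE_PROTECTED, FW_ERR_ANALYSIS_PENDING };

struct fw_flash {
    uint8_t exec[IMG_SIZE];     /* executable region (main image) */
    uint8_t download[IMG_SIZE]; /* download scratchpad, doubles as recovery image */
    bool download_unlocked;     /* true only while a new download is authorized */
    bool analysis_done;         /* corrupted main image has been analyzed */
};

/* Assumed to be called only after the update request has been authorized. */
void fw_authorize_download(struct fw_flash *f) { f->download_unlocked = true; }

/* Writes are refused unless authorized; the grant is consumed by one write. */
enum fw_status fw_write_download(struct fw_flash *f, const uint8_t *img) {
    if (!f->download_unlocked)
        return FW_ERR_WRITE_PROTECTED;
    memcpy(f->download, img, IMG_SIZE);
    f->download_unlocked = false; /* re-lock: this image is now the recovery point */
    return FW_OK;
}

void fw_mark_analysis_done(struct fw_flash *f) { f->analysis_done = true; }

/* Recovery overwrites the corrupted image, so analysis must be finished first. */
enum fw_status fw_recover(struct fw_flash *f) {
    if (!f->analysis_done)
        return FW_ERR_ANALYSIS_PENDING;
    f->download_unlocked = false; /* recovery image stays write-protected during install */
    memcpy(f->exec, f->download, IMG_SIZE);
    f->analysis_done = false;
    return FW_OK;
}

int main(void) {
    struct fw_flash f = {0};
    uint8_t good[IMG_SIZE];
    memset(good, 0xA5, IMG_SIZE);   /* constructed sample image */
    fw_authorize_download(&f);
    if (fw_write_download(&f, good) != FW_OK) return 1;
    memset(f.exec, 0xFF, IMG_SIZE); /* simulate corruption of the main image */
    if (fw_recover(&f) != FW_ERR_ANALYSIS_PENDING) return 1;
    fw_mark_analysis_done(&f);
    return fw_recover(&f) == FW_OK ? 0 : 1;
}
```

On real hardware the `download_unlocked` flag would correspond to a flash write-protect control rather than a software boolean.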
