For the platform without hardware for NV counter, but having trusted memory It is mentioned that the support is possible as follow : "an active image and related manifest data is stored in trusted memory then the included security counter cannot be compromised."
the impact for this implementation in mcu-boot is limited to :
* The test of the version (security counter is ih_ver from mcuboot header)
* The placement of active image and related manifest data in a trusted memory. Is my understanding correct ?
As the placement of full image in a trusted memory is a constraint. Can we limit the information placed in a trusted memory to :
* image header,
* TLV sections. This seems sufficient to support anti roll back.
Of course additional impact on mcu-boot must be planned but as multi image support is also targeted , the placement of all images in a trusted memory is likely to be unachievable for all configurations.