Return Merchandise Authorization State (LCS_RMA)
In the RMA LCS, the device is destined to be returned to the manufacturer.
- This state is irrevocable; the device must not be used when in this state.
- This state allows application firmware to be executed if it can be verified and authenticated via one of the RoTs.
- Any secret keys stored in the NVM have been erased, so it is not possible to perform any application decryption or use any secured assets.
- Debug port is opened to allow fault analysis by the manufacturer.
If a device manufacturer wishes to ensure that the application code cannot be executed in RMA, the device certificates which form the RoT verification must be erased.
If a device manufacturer wishes to ensure that the application code cannot be read, the flash memory must be erased once the device has transitioned to the RMA state.