FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security STM32F103 chip?

info138
Associate II

‎2009-10-18 07:33 AM

Posted on October 18, 2009 at 16:33

Security STM32F103 chip?

0 Kudos
4 REPLIES 4
info138
Associate II

‎2011-05-17 04:12 AM

Posted on May 17, 2011 at 13:12

Hello,

I want to use a STM32F103 for a new secure project. We will make a secure bootloader that can update the firmware by USB. The STM32 must be secure for the application, because we don't want a chinese copy of our new product. Is the STM32 secure? Can you disable JTAG on the STM32 chip after programming? What happens in the following situation: They put our programmed chip on their own STM32 board which has the boot mode from SRAM. Via JTAG they insert code into SRAM that can dump the flash memory by UART and restart the controller so it executes this flash read code. Is this possible? When we write our new code to the Flash from our bootloader, you have to deprotect this part of the flash and they can read the code that you were writing (eg new bootloader part)?

Hopefully you will tell that I am wrong 🙂

Kind regards,

Ad

0 Kudos
miles
Associate II

‎2011-05-17 04:12 AM

Posted on May 17, 2011 at 13:12

Quote:

Can you disable JTAG on the STM32 chip after programming? What happens in the following situation: They put our programmed chip on their own STM32 board which has the boot mode from SRAM. Via JTAG they insert code into SRAM

I don't know if the STM32 can be made secure, but I know disabling JTAG access wouldn't be enough security for your above example. They could still use dual-port RAM, or normal SRAM with a 2nd master on the bus that only writes while the STM32 is held in reset (when the STM32's external bus lines are floating).

0 Kudos
georgelpowell
Associate

‎2011-05-17 04:12 AM

Posted on May 17, 2011 at 13:12

I too would like to know about STM32F103xx security. Nothing is secure but you do not want to know that your code can be copied in Shanghai for $300 ($50 if you speak Chinese) like the PICs and the ATmega series chip can.

I am new to this chip but I was very disappointed to find out that any secret data you put in backup memory can be obtained as easily as erasing the flash and reloading a backup read routine, because the backup memory stays in tact during erase.

So if you would not use this chip for a secure project, what would you use for the same performance? :o

0 Kudos
picguy
Associate II

‎2011-05-17 04:12 AM

Posted on May 17, 2011 at 13:12

Security is a bitch.

A competing Cortex-M3 vendor has flash ROM protection so secure that your own code can not load a PC-relative literal. That in my mind was overkill. There is also a mode that makes their parts into OTPs. That’s what got me looking at ST parts.

I printed out the entire STM32 flash ROM protection scheme over it a year ago. I was picky. My conclusion then was that it would work. A simpler flash ROM protection scheme could prevent JTAG reading flash and any flash or RAM memory execution until the *entire* flash ROM was erased.

Oh wait ... how about RAM interrupt vectoring to FSMC space....

But what about operating the part outside of its stated limits? I’ve heard that some protected PIC parts can be read that way?

0 Kudos
Top