FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Custom bootloader for stm32h7

Go to solution
SGasp.1
Senior

‎2023-05-12 08:23 AM

Hi community..

In the past i have developed a custom bootloader for the following mcu stm32f7...

I was reading the usb and writing the flash section dedicated for the application.

Now i have to do the same for the stm32H7..

Are the steps the same ?

Are there major differences compared to the stm32f7 family?

I have read also about the trust zone (secure area)..

Is it better to locate the bootloade in a secure flash region?

Do you have some links with examples ?

Thanks a lot

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Pavel A.
Evangelist III
In response to Pavel A.

‎2023-05-15 01:21 PM

RDP stands for read-out protection of the debugger interface.

The highest RDP level does more than just disabling read-out from the internal flash, it works also like "immutable bootloader".

For more details be sure to read the ST tutorial on security features and the H7 reference manual.

The differences between H7 and H5 are too many. The main one is that H5 has TrustZone, because it is Cortex-M33. It's ST proprietary features are in line with U5 and L5.

View solution in original post

0 Kudos
8 REPLIES 8
Go to solution
Pavel A.
Evangelist III

‎2023-05-12 09:53 AM

Yes, steps are basically same.

STM32H7 does not have TrustZone. The "secure area" is present only in the same H7s that have crypto hardware. Yes, a secured bootloader is a good use for this feature.

By the way, it has a better name in new products - "hide protection".

0 Kudos
Go to solution
SGasp.1
Senior

‎2023-05-12 11:39 AM

thanks @Pavel A.​ .. so it is better to use the H7s in order to achieve the secure bootloader feature.

Am I correct?

Thanks

0 Kudos
Go to solution
Pavel A.
Evangelist III
In response to SGasp.1

‎2023-05-12 03:37 PM

This depends on which grade of security you require. Is the "hide protection" good enough, or your application needs TZ? Or just (almost) any STM32 with RDP1 or 2?

0 Kudos
Go to solution
Piranha
Chief II

‎2023-05-12 05:53 PM

> Are the steps the same ?

Such a question is very strange from a person, who has developed a custom bootloader.

The highest security should be on the new H5 series.

0 Kudos
Go to solution
SGasp.1
Senior

‎2023-05-15 01:29 AM

Hi @Piranha​ .. Yes I have developed a custom bootloade but for a different family. F7 .. Since The H series it is a new family i am just asking... I can image the process is similar this is true.. you mention the h5 should be the highest security .. why ? Thanks

0 Kudos
Go to solution
SGasp.1
Senior
In response to Pavel A.

‎2023-05-15 01:40 AM

Hi @Pavel A.​ thanks for replying.. we don'ty have specific request for cyber for this project.. i was asking what the community can suggest,,, difference between H% and H7.. what is RDP ? Thanks

0 Kudos
Go to solution
Pavel A.
Evangelist III
In response to Pavel A.

‎2023-05-15 01:21 PM

RDP stands for read-out protection of the debugger interface.

The highest RDP level does more than just disabling read-out from the internal flash, it works also like "immutable bootloader".

For more details be sure to read the ST tutorial on security features and the H7 reference manual.

The differences between H7 and H5 are too many. The main one is that H5 has TrustZone, because it is Cortex-M33. It's ST proprietary features are in line with U5 and L5.

0 Kudos
Go to solution
SGasp.1
Senior
In response to Pavel A.

‎2023-05-16 12:13 AM

i will choose the H5 in order to get started with trust zone.

I will put the bootloader code in the secure zone area if i can find where a place where to take inspiration.

Just a simple question @Pavel​ .. is there a development board to test the H5 mcu' thanks a lot

0 Kudos
Top