FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to do an OTA update with STM32U5 using Azure RTOS and security features?

Domenico
Associate III

‎2022-06-07 12:57 PM

How can I do an OTA update with STM32U5 using Azure RTOS? I need to implement security features like encryption/decryption, integrety check and authenticiy check.

Labels:
0 Kudos
6 REPLIES 6
Jocelyn RICARD
ST Employee

‎2022-06-29 05:45 AM

Hello @Domenico​,

in the STM32Cube U5 you can find 2 applications that can help you:

STM32Cube_FW_U5_V1.1.0\Projects\B-U585I-IOT02A\Applications\SBSFU\

and

STM32Cube_FW_U5_V1.1.0\Projects\B-U585I-IOT02A\Applications\TFM

both projects implement a secure boot based on opensource MCUBoot.

SBSFU is a "simple" secure boot able to update & launch a secure & non secure application.

TFM is the trustedfirmware-m solution from ARM ported to STM32U5.

You have also a X-CUBE-AZURE package that implements a TFM solution with a non secure application using AzureRTOS + SDK for AZURE cloud connectivity.

You can find most of the security related information, packages and documentation in the STM32Trust page of st.com

Best regards

Jocelyn

0 Kudos
Domenico
Associate III

‎2022-07-02 07:11 AM

Hello @Jocelyn RICARD​,

Thank you for your response. I have seen the applications but the firmware update is done locally via the serial interface and not via OTA.

It seems that AzureRTOS does not support OTA updates like FreeRTOS with the OTA library; it is not clear how to make an OTA update with AzureRTOS.

Thank you

0 Kudos
Jocelyn RICARD
ST Employee

‎2022-07-04 07:49 AM

Hello @Domenico,

the OTA update implementation is ongoing. It is not available yet with Azure Cloud.

Best regards

Jocelyn

0 Kudos
Domenico
Associate III

‎2022-07-09 02:51 PM

Hello @Jocelyn RICARD​,

Is the OTA update available using my own server?

Is there a release date scheduled for the OTA update implementation?

Thank you

0 Kudos
Jocelyn RICARD
ST Employee

‎2022-07-12 10:06 AM

Hello Domenico,

You can implement your own OTA update.

Just need to get the file from your server and write it to the download slot.

An example of such update (using just local Ymodem for transfer) is provided in the TFM example provided in the STM32Cube_FW_U5:

STM32Cube_FW_U5_V1.1.0\Projects\B-U585I-IOT02A\Applications\TFM\

in the non secure application example (fw_update_app.c)

Don't forget to write the magic trailer value to trigger installation at next reset.

Best regards

Jocelyn

0 Kudos
Domenico
Associate III

‎2022-08-09 10:45 AM

Hi @Jocelyn RICARD​,

I am trying to modify the SBSFU example to STM32CubeU5, creating my own application with STM32CubeMX but when I import the code the compilation fails. In my application, I would like to use NetXDuo to download the microcontroller update, write the code to the flash memory taking advantage of the functions defined in fw_update_app.c, with the appropriate modifications, and through SBSFU perform the installation and safe boot.

I have included the pre-build and post-build commands and modified the output files so I don't have problems with script execution. I can produce the application binaries and load them into the microcontroller but the application does not run.

Compared with the files produced by STM32CubeMX, I noticed that the stm32u585xx_flash_ns.icf and stm32u585xx_flash_ns.icf files have different values. Do we need to edit these files and also edit the startup_stm32u5xx.c files? Is it necessary to make other configurations and/or modify other files and parameters?

Thank you

0 Kudos
Top