2012-06-10 10:07 AM
Hi there,
I would like to know if there is a way to protect your binary image in a stm32f device (with mpu). With protection i mean that i would like to secure the binary image that runs on the device from been stolen and used by someone else. Are there any resources/docs to begin with? Thanx2012-06-11 01:06 AM
Yes, there is.
Look in the Flash programming manuals of the parts you would like to use, search for ''RDP'' and ''option byte''. For unknown reasons, it is in a separate manual, not in the Reference Manual.2012-06-11 03:24 AM
Thanx,
If i understand it correctly, the RDP will not allow to have a bootloader for firmware upgration, right? I would like to have the capability of upgrading the firmware with a usb stick for example.2012-06-11 04:42 AM
I did not study this part in detail, I use stm32 part only for my private projects, and don't burden me with this hassle.
But as I remember, you can set the protection level page-wise. Secondly, a flash mass erase is always possible. Thus, a bootloader is certainly possible to implement, but you might need to execute your USB bootloader from RAM when doing a full erase. All those side conditions are mentioned in the manuals. By the way, I know Cortex M3 parts of competitors that have an USB bootlader in ROM ...2012-06-11 08:49 AM
<i>If i understand it correctly, the RDP will not allow to have a bootloader for firmware upgration, right</i>
don't bother much with this, but all chips I know of can be programmed after a TOTAL erase regardless of protection. Erik2012-06-11 09:00 AM
The ROM boot loader has classically disable certain functions when ROP is enabled, it is also possible to disable ROP and get the device back to a raw state.
This will of course make updating it in the field difficult to achieve securely. The FLASH memory can be read by a device using ROP, so a cleverly conceived loader of your own should be able to update the application portion of your flash.2012-06-12 05:51 PM
''If i understand it correctly, the RDP will not allow to have a bootloader for firmware upgration, right?''
If i see Flash IAP code, i see that only WriteProtection is disabled before upgrade. No action on Read Protection. How will hacker able to read the firmware if you have your specific code for IAP ?''I would like to have the capability of upgrading the firmware with a usb stick for example.''
If you mean USB-drive, then you need the USB Host functionality. There is an ST AN on this. IAP using the USB-Disk