cancel
Showing results for 
Search instead for 
Did you mean: 

Binary Image protection

pacoblackxx
Associate II
Posted on June 10, 2012 at 19:07

Hi there,

I would like to know if there is a way to protect your binary image in a stm32f device (with mpu).

With protection i mean that i would like to secure the binary image that runs on the device from been stolen and used by someone else.

Are there any resources/docs to begin with?

Thanx
6 REPLIES 6
frankmeyer9
Associate II
Posted on June 11, 2012 at 10:06

Yes, there is.

Look in the Flash programming manuals of the parts you would like to use, search for ''RDP'' and ''option byte''.

For unknown reasons, it is in a separate manual, not in the Reference Manual.

pacoblackxx
Associate II
Posted on June 11, 2012 at 12:24

Thanx,

If i understand it correctly, the RDP will not allow to have a bootloader for firmware upgration, right?

I would like to have the capability of upgrading the firmware with a usb stick for example.

frankmeyer9
Associate II
Posted on June 11, 2012 at 13:42

I did not study this part in detail, I use stm32 part only for my private projects, and don't burden me with this hassle.

But as I remember, you can set the protection level page-wise. Secondly, a flash mass erase is always possible.

Thus, a bootloader is certainly possible to implement, but you might need to execute your USB bootloader from RAM when doing a full erase.

All those side conditions are mentioned in the manuals.

By the way, I know Cortex M3 parts of competitors that have an USB bootlader in ROM ...

emalund
Associate III
Posted on June 11, 2012 at 17:49

<i>If i understand it correctly, the RDP will not allow to have a bootloader for firmware upgration, right</i>

don't bother much with this, but all chips I know of can be programmed after a TOTAL erase regardless of protection.

Erik

Posted on June 11, 2012 at 18:00

The ROM boot loader has classically disable certain functions when ROP is enabled, it is also possible to disable ROP and get the device back to a raw state.

This will of course make updating it in the field difficult to achieve securely.

The FLASH memory can be read by a device using ROP, so a cleverly conceived loader of your own should be able to update the application portion of your flash.
Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
alok472
Associate II
Posted on June 13, 2012 at 02:51

''If i understand it correctly, the RDP will not allow to have a bootloader for firmware upgration, right?''

 

If i see Flash IAP code, i see that only WriteProtection is disabled before upgrade. No action on Read Protection. How will hacker able to read the firmware if you have your specific code for IAP ?

''I would like to have the capability of upgrading the firmware with a usb stick for example.''

 

If you mean USB-drive, then you need the USB Host functionality. There is an ST AN on this. IAP using the USB-Disk