firmware verification

scotzap · ‎2026-01-07

Hello,

I want to add a software update feature to my device, but I am unsure about the correct way to verify a newly installed firmware image. My goal is to make sure that the entire firmware has been written correctly and is not corrupted before the bootloader starts using it.

One idea I have is to calculate a CRC of the whole application at build time and store this CRC at the end of the application image in flash. Then, during boot, the bootloader would calculate the CRC of the application in flash and compare it with the stored value to decide whether the firmware is valid. However, I am not sure if modifying or reserving a part of the application flash for this purpose is a good or recommended approach.

Are there more common or reliable methods to verify a newly installed firmware before activating it? How is this typically handled in bootloader-based firmware update systems?

Tesla DeLorean · ‎2026-01-07

Using a CRC is quite common. Often you can put it a end, and embed a length/size somewhere in the front.

You can also package the update in a way you can validate the new image before writing it.

https://community.st.com/t5/stm32-mcus/how-to-calculate-and-generate-post-build-crc/ta-p/49723

Others use a stronger HASH, say SHA256, and can sign/authenticate using Elliptic Curve, say SECP129R1

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..