
How to disable or protect the SPI, UART, USB and JTAG interfaces in STM32F30CBT6 microcontroller? As these interfaces are not used, it's having security threats to the firmware present in the microcontroller.

 
Paul1
Lead

Unlike a PC, these types of ports on an MCU actually aren't connected to pins unless configured by code.

There are circuits in the STM32 that do this under code control, and can be set up using STM32CubeMX, or by writing your own code. It is normal to have the unused ports/modules remain in a powered down state and not connected to pins so as to minimize power consumption of the product.

If you have configured the STM32 so some of these (SPI, I2C...) are enabled and connected to pins, and have put code in the STM32 to monitor for data input on these pins, then your code should also check the validity of that data.

There are AppNotes and other sections on the ST website about security for IoT and other products.

Paul

The primary threat is from people who've read and understood the device documentation and underlying concepts, vs those with a very peripheral understanding.

As Paul points out, most of these actually need software/configuration behind them to function in those modes at all. If you expose UARTs for AT command interfaces, or other plain-text interactions, you're going to need to make sure your code is robust and resilient. You can typically lock down the flash and JTAG/SWD, but if someone has physical access, what's to stop someone decapping and analyzing the part, or using more advanced IC QA tools/abilities, or ready access to said?

What's the STM32F30CBT6? Missing some digits there.

TDK
Guru

> How to disable or protect the SPI, UART, USB and JTAG interfaces in STM32F30CBT6 microcontroller?

RDP level 1 can prevent your code from being read out.

JTAG can be disabled by setting RDP level 2, which is irreversible and also disables SWD as well as any debugging functionality.

> As these interfaces are not used, it's having security threats to the firmware present in the microcontroller.

What security threats do unconnected peripherals pose?


> Unlike a PC, these types of ports on an MCU actually aren't connected to pins unless configured by code.

True for most, but not true for JTAG, which is enabled on reset.

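
An added example, not code from the thread or from ST: a host-runnable sketch of the two checks discussed above, decoding the RDP option byte into a protection level and moving the debug pins, which are in alternate-function mode after reset, to analog mode from firmware. The function names are hypothetical, and the RDP byte encoding, MODER reset values and debug pin assignments are assumptions based on STM32F3 family documentation; check them against the reference manual for the exact part.

```c
#include <stdint.h>
#include <stdio.h>

/* RDP option byte encoding (assumed): 0xAA = level 0, 0xCC = level 2, other = level 1. */
int rdp_level(uint8_t rdp_byte)
{
    if (rdp_byte == 0xAA) return 0;
    if (rdp_byte == 0xCC) return 2;
    return 1;
}

/* GPIOx_MODER holds 2 bits per pin: 00 input, 01 output, 10 alternate function, 11 analog. */
#define MODE_AF     2u
#define MODE_ANALOG 3u

/* Debug pins (assumed): PA13 JTMS/SWDIO, PA14 JTCK/SWCLK, PA15 JTDI, PB3 JTDO, PB4 NJTRST. */
static const unsigned PA_DEBUG[] = { 13, 14, 15 };
static const unsigned PB_DEBUG[] = { 3, 4 };

/* Switch every listed pin that is still in alternate-function mode to analog.
   Returns the new MODER value and adds the number of pins changed to *changed. */
static uint32_t park(uint32_t moder, const unsigned *pins, unsigned n, unsigned *changed)
{
    for (unsigned i = 0; i < n; i++) {
        unsigned shift = 2u * pins[i];
        if (((moder >> shift) & 3u) == MODE_AF) {
            moder = (moder & ~(3u << shift)) | (MODE_ANALOG << shift);
            (*changed)++;
        }
    }
    return moder;
}

/* Park all five debug pins. On a target the two values would be read from and
   written back to GPIOA->MODER and GPIOB->MODER. Returns the number of pins changed. */
unsigned park_debug_pins(uint32_t *moder_a, uint32_t *moder_b)
{
    unsigned changed = 0;
    *moder_a = park(*moder_a, PA_DEBUG, 3, &changed);
    *moder_b = park(*moder_b, PB_DEBUG, 2, &changed);
    return changed;
}

int main(void)
{
    /* Constructed input: MODER reset values with the debug pins in AF mode. */
    uint32_t a = 0xA8000000u, b = 0x00000280u;
    unsigned n = park_debug_pins(&a, &b);
    printf("RDP 0xAA -> level %d, RDP 0xCC -> level %d\n", rdp_level(0xAA), rdp_level(0xCC));
    printf("parked %u pins: GPIOA_MODER=0x%08X GPIOB_MODER=0x%08X\n", n, (unsigned)a, (unsigned)b);
    return 0;
}
```

Parking the pins only takes effect once this code has run, so it does not cover the window between reset and firmware start; that window is what the RDP option byte addresses.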
MM..1
Chief II

Maybe I understand the question as how to protect booting to the system loader over the BOOT0 pin.

But I mean here, if RDP is 1, reading or writing firmware is impossible, or?