FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IAP: Secure firmware update guidelines

gmate1
Associate II

‎2016-01-29 02:17 AM

Posted on January 29, 2016 at 11:17

I've implemented DFU-OTA over GSM network with Fail-back feature (reverting back to older firmware if the upgrade failed, sudden shutdown during the upgrade and in the event of network error) and so far it seem to work fine (Probably I need to test more), However, I would now like to add security features in the upgrade process. I've heard that there could be man in the middle attack, execution of malicious code by reverse engineering the firmware etc. This topic is very new to me, hence I'm looking for guidelines on what and how I should implement secured f/w upgrade.

My firmware binary (My application firmware that will be flashed on the internal main flash memory of STM32F072) will reside on a HTTPS server and I download this binary over GSM network by issuing AT+ command (STM32 MCU is connected to SIM800H GSM module over UART on the custom board). Some of the first few questions that I've in mind are:

1: Is it possible to sniff the GSM communication that my board is making, then probably doing a Man in the middle attack won't be very difficult. How to subvert such attempts ?

2: Assuming that the HTTPS server where I keep my firmware binary is very robust against attacks (the firmware binary will be uploaded on the server, only after successful authentication), what else can go wrong ?

3: Any other guidelines would be also very helpful.

Thanks,

#iap #stm32f0 #fota
Labels:
0 Kudos
15 REPLIES 15
gmate1
Associate II

‎2016-02-04 05:14 AM

Posted on February 04, 2016 at 14:14

The original post was too long to process during our migration. Please click on the provided URL to read the original post. https://st--c.eu10.content.force.com/sfc/dist/version/download/?oid=00Db0000000YtG6&ids=0680X000006I6Y6&d=%2Fa%2F0X0000000bqS%2FnvOX3QzFQiVpm.PQ9M9vDFtwSEZ9EwXMhpqYyzKyvZw&asPdf=false
0 Kudos
qwer.asdf
Senior

‎2016-02-04 05:37 AM

Posted on February 04, 2016 at 14:37

I don't think you can link the binaries of the ST's crypto library to a PC program. They don't provide the source codes and provide binaries only for different ARM Cortex-M architectures (ARMv6M, ARMv7M) but not for PC (x86/x86_64).

So you'll have to use something different on the PC.
0 Kudos
gmate1
Associate II

‎2016-02-04 06:49 AM

Posted on February 04, 2016 at 15:49

Hmm, Okay, I've downloaded ARM-GNU Toolchain for windows and trying to compile the code natively (removed printf statements for now). Currently seeing some unresolved symbol issues, but hopefully will resolve it and update here. However, debugging a binary built for ARM on x86 platform is going to be difficult for me. I haven't done anything like this in past before (In past I've used GNU Toolchain to build and flash a different ARM Cortex based MCU but no debugging).

Logs: 

$ /cygdrive/c/Program\ Files\ \(x86\)/GNU\ Tools\ ARM\ Embedded/5.2\ 2015q4/bin/arm-none-eabi-gcc.exe -o crypto crypto.c M0_CryptoFW_2_0_6.lib -I../../../Libraries/STM32_Cryptographic_Library/inc -I../../../Libraries/STM32_Cryptographic_Library/inc/Common/ -I../../../Libraries/STM32F0xx_StdPeriph_Driver/inc -I ../../../Libraries/CMSIS/Device/ST/STM32F0xx/Include
c:/program files (x86)/gnu tools arm embedded/5.2 2015q4/bin/../lib/gcc/arm-none-eabi/5.2.1/../../../../arm-none-eabi/lib\libc.a(lib_a-exit.o): In function `exit':
exit.c:(.text.exit+0x2c): undefined reference to `_exit'
M0_CryptoFW_2_0_6.lib(crypto.o): In function `Crypto_DeInit':
..\Crypto_Sources_Files\crypto.c:(i.Crypto_DeInit+0x6): undefined reference to `RCC_AHBPeriphClockCmd'
c:/program files (x86)/gnu tools arm embedded/5.2 2015q4/bin/../lib/gcc/arm-none-eabi/5.2.1/../../../../arm-none-eabi/bin/ld.exe: crypto: hidden symbol `RCC_AHBPeriphClockCmd' isn't defined
c:/program files (x86)/gnu tools arm embedded/5.2 2015q4/bin/../lib/gcc/arm-none-eabi/5.2.1/../../../../arm-none-eabi/bin/ld.exe: final link failed: Bad value
collect2.exe: error: ld returned 1 exit status

0 Kudos
pkumar1883
Associate II

‎2016-02-04 06:49 AM

Posted on February 04, 2016 at 15:49

Dear qwer.asdf,

Thank for giving your suggestion.

I have included the cryptography pre compiled  library file(.a file). So how can linker remove unused section.

0 Kudos
pkumar1883
Associate II

‎2016-02-04 06:59 AM

Posted on February 04, 2016 at 15:59

Dear sidekick,

It doesn't seem possible to use ST Cryptography Library(precompiled .a library file) with PC program. Because ST provides these to run on ARM Architecture.

(I tried it but didnt work)

So I think it would be better to write a simple code on PC which read a chunk of your raw file and send it to your microcontroller for Encryption. Microcontroller returns back the encrypted chunk.

(As suggested by qwer.asdf also)

0 Kudos
gmate1
Associate II

‎2016-02-04 09:33 AM

Posted on February 04, 2016 at 18:33

Okay. Also, My last post about using GNU Toolchain to build a program linked to ST's crypto library for x86 system was completely useless. For the sake of this topic, It does not matter, what toolchain I use (KEIL's, IAR, GNU etc). How on earth, I'm going to run the cross compiled binary (for ARM target) on x86 platform. Even if i do some emulator (maybe Qemu) to emulate ARM architecture, I would be running the binary on an emulated ARM target platform, __not__ on x86 platform.

0 Kudos
Top