
OTP readable by debugger while RDP set to 1

waclawek.jan
Super User

OTP portion of FLASH is a valuable asset in some STM32 families and represents a convenient place to store things like security keys. For this, it is desirable - and, as it's part of FLASH, also quite logically expected - that setting read-out protection to any level above 1 prevents the debugger from reading it.

In RM0444 Rev.5 and RM0454 Rev.5 (the current 'G0 manuals), the following text indicates that this should be the case:

waclawekjan_0-1716631014181.png

The following table appears to indicate the same behaviour:

waclawekjan_1-1716631210918.png

However, user @DAlbe.3 reported that he was able to read out OTP using a debugger while RDP was set to Level 1.

This, together with the fact that the above table has changed across RM revisions, raises questions about the OTP's security.

Can ST please comment?

 

Thanks,

JW

1 ACCEPTED SOLUTION

Accepted Solutions

Hello and sorry to be late.

That seems to be fixed in the product reference manual:

The sentence has been removed:

RDP1.png

"No" replaced by "Yes" in this table:

RDP.png

So OTP area can be read even though RDP level 1 is activated.

Edit: it seems that was fixed in RM0444 rev 6. But not yet in RM0454. I will escalate for fix.

Thank you for your contribution.

To give better visibility on the answered topics, please click on "Accept as Solution" on the reply which solved your issue or answered your question.
