2009-10-18 07:33 AM
Security STM32F103 chip?
2011-05-17 04:12 AM
Hello,
I want to use an STM32F103 for a new secure project. We will make a secure bootloader that can update the firmware by USB. The STM32 must be secure for the application, because we don't want a Chinese copy of our new product. Is the STM32 secure? Can you disable JTAG on the STM32 chip after programming?
What happens in the following situation: They put our programmed chip on their own STM32 board which has the boot mode from SRAM. Via JTAG they insert code into SRAM that can dump the flash memory by UART and restart the controller so it executes this flash read code. Is this possible?
When we write our new code to the Flash from our bootloader, you have to deprotect this part of the flash and they can read the code that you were writing (e.g. new bootloader part)?
Hopefully you will tell me that I am wrong :)
Kind regards,
Ad
2011-05-17 04:12 AM
Quote:
Can you disable JTAG on the STM32 chip after programming? What happens in the following situation: They put our programmed chip on their own STM32 board which has the boot mode from SRAM. Via JTAG they insert code into SRAM

I don't know if the STM32 can be made secure, but I know disabling JTAG access wouldn't be enough security for your above example. They could still use dual-port RAM, or normal SRAM with a 2nd master on the bus that only writes while the STM32 is held in reset (when the STM32's external bus lines are floating).
2011-05-17 04:12 AM
I too would like to know about STM32F103xx security. Nothing is secure, but you do not want to know that your code can be copied in Shanghai for $300 ($50 if you speak Chinese) like the PICs and the ATmega series chips can.
I am new to this chip but I was very disappointed to find out that any secret data you put in backup memory can be obtained as easily as erasing the flash and reloading a backup read routine, because the backup memory stays intact during erase. So if you would not use this chip for a secure project, what would you use for the same performance? :o
2011-05-17 04:12 AM
Security is a bitch.
A competing Cortex-M3 vendor has flash ROM protection so secure that your own code can not load a PC-relative literal. That in my mind was overkill. There is also a mode that makes their parts into OTPs. That’s what got me looking at ST parts. I printed out the entire STM32 flash ROM protection scheme over it a year ago. I was picky. My conclusion then was that it would work. A simpler flash ROM protection scheme could prevent JTAG reading flash and any flash or RAM memory execution until the *entire* flash ROM was erased. Oh wait ... how about RAM interrupt vectoring to FSMC space.... But what about operating the part outside of its stated limits? I’ve heard that some protected PIC parts can be read that way?