FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32 Bootloader: FAA DO-178 Certification?

Go to solution
Niramas
Associate II

‎2025-04-24 1:16 PM - last edited on ‎2025-04-29 9:52 AM by

Is the internal bootloader on the STM32H723 DO-178 certified?   It just dawned on me that the whole line of CPUs might be disqualified for aircraft use because the bootloader code "flies" with the aircraft and all such code must be certified to the level declared by the system (DAL levels A-D).   Do you have avionics customers that use these?  Can the bootloader be erased?

Regards,

Mark

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Roger SHIVELY
ST Employee

‎2025-04-25 4:29 PM - last edited on ‎2025-04-29 9:39 AM by

Hello @Niramas 

 

This post has been escalated to the ST Online Support Team for additional assistance.

Regards.

Roger

View solution in original post

0 Kudos
17 REPLIES 17
Go to solution
Pavel A.
Evangelist III

‎2025-04-24 11:57 PM

For unmanned avionics (aka drones) be assured that people use STM32H7's and have no complaints about the internal bootloader.

> Can the bootloader be erased?

No, unfortunately.

 

0 Kudos
Go to solution
Amel NASRI
ST Employee

‎2025-04-25 6:17 AM

Hi @Niramas ,

Our current STM32 MCUs are general purpose ones and not qualified for aircraft usage.

This post has been escalated to the ST Online Support Team for additional assistance. They may contact you directly in case they have some farther information to add.

-Amel

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

0 Kudos
Go to solution
Niramas
Associate II
In response to Pavel A.

‎2025-04-25 6:21 AM

The question has to do with FAA certification, not whether it works.

0 Kudos
Go to solution
Niramas
Associate II
In response to Amel NASRI

‎2025-04-25 6:25 AM

Thank you for the response.   Can you verify that the BL area cannot be erased?  Can it come unprogrammed by special order?   This question matters in that we have product that would be OK at low verification levels (e.g. controlling seat positions)  but would be disqualified at higher safety levels (e.g. controlling landing gear).

0 Kudos
Go to solution
Amel NASRI
ST Employee
In response to Niramas

‎2025-04-25 8:08 AM

As already answered by Pavel, the BL area cannot be erased.

Special orders should be discussed with Sales, better to submit your complete request in OLS in this case.

-Amel

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

0 Kudos
Go to solution
Pavel A.
Evangelist III

‎2025-04-25 2:31 PM

Would it help to know that STM32H7 can be programmed so that the internal bootloader is never activated?  (both boot addresses are set to the user app) 

0 Kudos
Go to solution
Roger SHIVELY
ST Employee

‎2025-04-25 4:29 PM - last edited on ‎2025-04-29 9:39 AM by

Hello @Niramas 

 

This post has been escalated to the ST Online Support Team for additional assistance.

Regards.

Roger

0 Kudos
Go to solution
Niramas
Associate II
In response to Pavel A.

‎2025-04-28 7:42 AM

The FAA expects all code that flies with the plane be certified to the safety level of the system.  

0 Kudos
Go to solution
Pavel A.
Evangelist III
In response to Niramas

‎2025-04-28 8:05 AM - edited ‎2025-04-28 8:05 AM

Well then if I fly with a laptop full of Windows and other stuff, do I have to certify it? If the answer is no because it is not connected to the systems, then the passive part of STM32 firmware is not connected too.

 

0 Kudos
Top