Ask questions and find answers on STM32 security frameworks and tools, including cryptographic libraries, TrustZone, and the Secure Manager.
What I want to achieve:During startup all code is verified, starting with SMiRoT (as root-of-trust) then SMuRoT, then SecureManager then non-secure application.If the application has been modified (vberification fails) the startup shall end in system...
Hello, I have a problem with setting readout protection in the STM32L496 device in software. The protection is set to "BB". After setting and power on reset, the microcontroller seems to not work (it looks like as if it was "stuck up"). I connected t...
I try to enable the PCROP Feature on a STM32H753I am using the STM32CubeProgrammer and connect via ST-Link V2After connecting, I go to the "OB" page and set the PROT_AREA_END1 value to 0xFFF and activate the DMEP1Then I press the "Apply" button and t...
Hello ST team,I am studying the flash security mechanisms (RDP, WRP, PCROP) on STM32L476RG and I understand how to configure Option Bytes using STM32CubeProgrammer or firmware.What I am trying to understand is the hardware-level enforcement flow of O...
Hello,starting from the example application of the OEMiRot boot project, I noticed that the NS application size is limited to 640kB in the flash_layout.h (#define FLASH_NS_PARTITION_SIZE (0xA0000) /* 640 KB for NS partition */)Since there is 1MB ava...
Hi!I'm working on a Trustzone enabled application in STM32U5A5 nucleo board and have some questions in my mind. I have used the configurations of the example project for the Trustzone, which you can find below: - TZEN=1 - SECWM1_PSTRT=0x0 SECWM1_PE...
I am trying to use the DA function of the STM32H573. I can successfully write the OBK file (with TrustZone disabled) and regression via STM32_Programmer_CLI.exe. However, I encountered an issue when trying to read the plaintext of the OBK payload in ...
I've got an STM32U385 on a custom board that is unresponsive.The software is based on the OEMiROT trustzone example.The sequence of events that lead to this, as nearly as I can remember were:1.) Set up the device with provision.bat, with RDP level 2....
Hello everyone,I am trying to implement SBSFU (Secure Boot Secure Firmware Update) on NUCLEO-G474RE using STM32CubeExpansion_SBSFU_V2.7.0.Initially, everything was working fine and I was able to program the board normally.What I didI followed the SBS...
Hi,based on the ST example where the 640kB RAM is splitted into 2 * 320kB for secure/non-secure application, I want to change this to 32kB/608kB for secure/non-secure app. After modification of the linker files for the secure/non-secure app, the non-...
