STM32 MCUs Security

STM32H7Sx - Use HDPL_x DHUK within HDPL_y where x > y

Dear,Is it possible for execution within HDPL_x to use SAES (Secure AES) with a DHUK (Derived Hardware Unique Key) from HDPL_y where x > y?For example:Execution within HDPL2 makes use of SAES to encrypt plaintext p using its DHUK, this results in cip...

Flash Firmware with UID

Hello Firends,Two Questions...1. Firmware Flash with DFU Bootloader succesfully done along with RDP bit. Can we re-flash the fiirmware once RDP L1 is set before through DFU using USB ? my custom board uses STM32F303Rb device. 2. Each STM32 device has...

Flashing SBSFU combined binary to STM32H755 with STM32_Programmer_CLI

I am trying to write a .bat script to reliably flash my combined sbsfu and application binary to a stm32h755. set cube_programmer_cli="C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" set fw_bin="combine...

Clarification on SBSFU and Security Configurations on STM32H7B3

Hello everyone, I am working with the STM32H7B3 MCU and evaluating the Secure Boot and Secure Firmware Update (SBSFU) package. My setup uses a dual image slot configuration with the SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256 cryptographic scheme. I would ...

Resolved! Is there a way to unlock STM32H563 if wrong obk file provisioned?

Hello!I a new in this.I have two sets of DA files: for password access and for access via certificate.I've tried to flash a NS-firmware, provision a password.obk, then change Product state to Provisioned/closed. Thas was successful. I can perform a r...

Resolved! STM32U545 – Unable to connect after TrustZone regression (RDP Level 1)

Hi,I am currently facing an issue where TrustZone cannot be disabled on the STM32U545 device with custom hardware.1. [Part Number] STM32U545VET6 on custom hardware2. [Environment] STM32CubeProgrammer 2.20.0 with ST-LINK V2; custom Zephyr application ...

Debug is not printing from iLoader for STM32H7S78-DK

Hello Guys,I tried defining STIROT_ILOADER_DEBUG in the main.h of the iLoader and then i built it and uploaded the Code via script after getting loaded only STiROT Application Logs are are printing but STiROT_iLoader logs are not printing, how can i ...

Flashing an encrypted Firmware

Greetings, I am using a STM32U585 MCU and I made a custom made code that implements the DFU protocol. I could successfully flash a firmare through .bin file and set the Option Bytes, set RDP level 1 and go back to RDP level 0. What I want to do is to...

Resolved! TFM app

Hello,I would like to use the TFM application on STM32CubeIDE for the B-U585I-IOT02A board but I can't find the application anywhere. Any help?

OctoSPI mem-mapped mode not working if TZ enabled on STM32H563

Hi,I'm working on the evalboard of the STM32H563. With a plain project I'm able to activate the memory mapped mode of a plugged nor-flash.If I change the project to have Trustzone activated and divided the application in secure/non-secure part, I'm n...

STM32 MCUs Security

Forum Posts

STM32H7Sx - Use HDPL_x DHUK within HDPL_y where x > y

Flash Firmware with UID

Flashing SBSFU combined binary to STM32H755 with STM32_Programmer_CLI

Clarification on SBSFU and Security Configurations on STM32H7B3

Resolved! Is there a way to unlock STM32H563 if wrong obk file provisioned?

Resolved! STM32U545 – Unable to connect after TrustZone regression (RDP Level 1)

Debug is not printing from iLoader for STM32H7S78-DK

Flashing an encrypted Firmware

Resolved! TFM app

OctoSPI mem-mapped mode not working if TZ enabled on STM32H563

What is the purpose of data swapping in the Crypto...

Provisioning via CANFD bootloader and RSS.

Secure Manager PSA Firmware Update Service

STM32H573 with Secure Manager, non-secure app can'...

H573 Trust Zone / Secure Boot support in Zephyr MC...

AES GCM STM32U545