STM32 MCUs Security

PCROP activation with STM32G0B1

Hello,My device contains both a bootloader and an application. I’m currently trying to protect the bootloader using PCROP on the STM32G0B1.As a first approach, I attempted to configure PCROP using STM32CubeProgrammer. However, this failed — once PCR...

Resolved! Adding MCUBoot and secure boot feature into system memory bootloader firmware upgrade

Hi ST team,I am using STM32U5G9 as secondary MCU. It has simple firmware upgrade feature. It would be reset by main MCU and enter system memory bootloader using Boot0 pin. The system memory bootloader would receive upgrade image (application) from ma...

STM32H573 with Secure Manager non-secure app debugging issues

Our own non-secure application is based on "SMAK_Appli" in the STM32TRUSTEE-SM example and in principle, it works, but debugging is giving me issues. This is with STM32CubeIDE latest version and all tools software and firmware updated to their latest...

It is not possible to change the state to "Closed" when USB is connected (STM32H562)

Hi.During production, we use USB to test the board. Finally, the MCU is supposed to be password-protected against flash reads. Unfortunately, it turns out that as long as the USB cable is connected, it's impossible to program the OBK. Segger Device P...

secure bootloader

Hi, I have a doubt. I made some changes in the secure bootloader to achieve certain functionality, but I am unsure whether the code in the secure bootloader is developed by ST (such as drivers or APIs), or if it is intended for user modifications. Sp...

Provisioning STM32H5 via UART and RSS

Hi everyone,Hi @Jocelyn RICARD, @D.Botelho @Jocelyn RICARDyou made this small bootloader example for testing H7 security features, e.g. RDP:https://community.st.com/ysqtg83639/attachments/ysqtg83639/mcu-security-forum/6051/1/STM32H753_SecureMem_Examp...

SBSFU Bootloader Not working In Release mode (When security flags enabled)

Hi Team, I am working on project where we are implementing Secure upgrade feature using SBSFU package, we followed the steps as mentioned by ST community and to integrate SBSFU in our project. we have two modes Debug mode and Release mode.in Debug Mo...

Issue with reading OBK payload plaintext on STM32H573 using SAES and DHUK

I am trying to use the DA function of the STM32H573. I can successfully write the OBK file (with TrustZone disabled) and regression via STM32_Programmer_CLI.exe. However, I encountered an issue when trying to read the plaintext of the OBK payload in ...

STM32L552 HASH Peripheral final digest with a multiple of 512 bits message

I try to understand in details the way the Hash peripheral works on the STM32L552. I need to make the HASH SHA-256 with 224 blocks of 512 bits. The Hash works perfectly until the block 223. Then I enter 16 values in the FIFO (in my code below I have ...

Problems with local structure variables in STM32 with SBSFU

Hello,In a project with STM32 using SBSFU in a U575 microcontroller, why can a local variable of type structure within a function cause failures or unexpected behaviour in the secure zone, while a global variable of the same type works correctly?

STM32 MCUs Security

Forum Posts

PCROP activation with STM32G0B1

Resolved! Adding MCUBoot and secure boot feature into system memory bootloader firmware upgrade

STM32H573 with Secure Manager non-secure app debugging issues

It is not possible to change the state to "Closed" when USB is connected (STM32H562)

secure bootloader

Provisioning STM32H5 via UART and RSS

SBSFU Bootloader Not working In Release mode (When security flags enabled)

Issue with reading OBK payload plaintext on STM32H573 using SAES and DHUK

STM32L552 HASH Peripheral final digest with a multiple of 512 bits message

Problems with local structure variables in STM32 with SBSFU

Not able to parse rsa public key using mbedtls

Guidance on secure vs non-secure peripherals in TF...

STM32 Trusted Package Creator ignoring Security Co...

Can I Create Logging Functionality Within the Secu...

STM32H7Sx - Passing volatile data to lower HDPL le...

How to disable encryption and not using installati...