Hi all,we would implement SBSFU (Secure Boot and Secure Firmware Update) on STM32U585.Our goals are:application do not use TrustZone feature (TZ_EN = 0)we want to avoid access to MCU on field (Device protection, for exapmle RDP = 1)question: if on fi...
Hello all.I have a question about how to use KMS_GenerateKeyPair() function. There are no examples in the code, and API description is not really enough for my little brain. Could somebody provide me an example on how it should be used? What kind of ...
Hi,My question is about project structure.To implement SBSFU what is the best or correct approach if I have a project that I would like to flash to a target incorporating SBSFU?Import four project folders (SBSFU, SECoreBin, UserApp and MyProject) int...
Hello .According to the reference manual, the default RDP level is set to level 1. However, after performing a full erase with ST-Link and then writing the hex file, the RDP level was found to be set to 0.I would like to set the RDP level to 1 at the...
The project uses Trustzone with a secure bootloader (based on mcuboot) and non-secure application.The application enters STOP3 mode, waiting for interrupt, with EXTI configured on a GPIO line to trigger an interrupt.Waking up from stop mode works per...
Hi,While using the STM32Cube_FW_H5_V1.1.1 repository to explore secure boot on the STM32H5, I saw that the configuration file to generate OEMiRoT_Data.obk is missing. As I want to use my own keys and certificates for the OEMiRoT example application, ...
So, I want to modify provisioning.bat and/or XML files to create an SFI that contains our developed non-secure app instead of default one, Secure Manager, and the various (especially DA one) OBKs.This will then be downloaded into factory-fresh (only ...
Hello,RM0444.Rev5 page 98 says that it is possible to reset it only when:• RDP is set to Level 0, or• RDP is set to Level 1, while Level 0 is requested and a full mass-erase is performed.I supposed that if RDP is changed from level1 to level0 then th...
Hello all,I have a question about additional MPU protection provided by enabling SFU_MPU_PROTECT_ENABLE.What are the main benefits of that?How much "protection value" do we miss if it's disabled?
Hi all,I am using STM32F769I DISCO Board, STM32 CUBEIDE,X-CUBE-SBSFU 2.6.2 , WINDOWS Environment for checking new features in security i.e. secure bootloader.I am newbie to this topic and I have followed compilation procedure as per the readme file,...