Ask questions and find answers on STM32 security frameworks and tools, including cryptographic libraries, TrustZone, and the Secure Manager.
I read UM3451 (STM32N6xx security guidance for SESIP level 3 certification) chapter 3.2.2 Secure installation and I wonder why aren't the FSBL signature public keys not written into OTP fuses? Only the 8 words (32 bytes) of hashes of all 8 public key...
We've been using STiROT + OEMuROT for STM32H7S on our system, with our own application.The secure bootloader handles most of its functionality very well, and the security aspects in particular. The scripts provided by ST were very helpful, as was the...
I'm working on a custom STM32U5 board and I'm trying to harden the system.I followed the AN5347 (https://www.st.com/resource/en/application_note/an5347-arm-trustzone-features-for-stm32l5-and-stm32u5-series-stmicroelectronics.pdf) in particular I foll...
When creating a new project (for STM32H573) using CubeMX, it generates defaults keys under ROT_Provisioning\SM\Keys:06/19/2025 03:20 PM 232 ITS_key1.pem02/17/2026 09:34 PM 16 SFI_Encryption_Key.bin02/17/2026 09:34 PM 12 SFI_Encryption_Nonce.bin02/18/...
I created a sample project using the STM32N657-DK, but when I try to debug using ST-LINK, each project does not work and results in a HardFault or similar error.I also tried loading them simultaneously from the debug configuration, but it was not suc...
We need the secure boot and secure firmware update solution for both the execution models to meet the EU-CRA standard:• Execute in place support (XiP support) - direct execute from external QSPI flash• BootROM support - copy from QSPI flash to SDRAM,...
Hello ST Support,I reproduced an ETH TX DMA issue on STM32N6570-DK where the DMA never consumes the TX descriptor.Environment- Board: STM32N6570-DK- Security: TrustZone enabled, Secure-only platform configuration- PHY: ID1=0x001C, ID2=0xC916, link-up...
Have successfully worked throughSTM32Cube_FW_U5_V1.8.0/Projects/B-U585I-IOT02A/Applications/SBSFU/readme.htmlI need to port this (..boot, ..loader, ..appli) to a custom board running STM32U585VIT6.Within the readme it states "This example has been te...
Hello,I'm developing an application with OEMiRoT and trustzone for STM32H563.I'm getting a write protection error (WRPERR) when I try to erase a secure flash sector from secure code that is not protected neither by write protection or HDP. I'm using ...
I am looking for information that compares the security in an STM32U5 or similar with the PUF-based solutions used in competitor's processors. The problem is that "PUF" has a simple explanation that sounds good and a head-to-head analysis of the adv...
