cancel
Showing results for 
Search instead for 
Did you mean: 

Best practice with SBSFU when manufacturing

Zoey
Associate III

SBSFU considers the secure boot as the root of trust. If we develop the firmware and manufacture the products in a factory (I assume that the firmware should be programmed during the manufacturing in the factory), how to guarantee the secure boot is correctly programmed? Any guideline for a good practice? Thanks!

1 REPLY 1
Jocelyn RICARD
ST Employee

Hello Zoey,

this is important question indeed as SBSFU embedded the keys used to authenticate current firmware and decrypt the updates.

The usual way to perform secure firmware programming during factory is to use dedicated tools like flasher secure provided by Segger.

Principle is to flash the chip in a kind of secure box connected to a secure server through ethernet. The firmware is then transmitted through a secure channel to the secure box.

ST also provides the SFI solution (Secure Firmware Install). This solution is today only applicable to STM32H753 and STM32L465CEU6F (Specific part number for L4)

It will also be available in the coming STM32L5. You can find documentation about this on st.com.

The necessary tools to be able to use SFI are STM32CubeProgrammer, a PC with a smartcard interface, a Smartcard format HSM (Hardware Security Module) sold by ST, and a STLink or USB to communicate with the chip to program.

With SFI, you provide only an encrypted firmware to the manufacturer and the decryption is done inside the chip itself.

The decryption key is encrypted in the HSM with the public key of the chip transmitted to chip through the the STM32CubeProgrammer and decrypted in the chip thanks to its private key.

Best regards

Jocelyn