2022-06-03 03:00 AM
We have plan to support application down-loader from Application context. It means Application has ability to receive new application over the air. Not SBSFU.
In case of Active application got corrupted somehow, then SBSFU is locked the MCU, as we lost Remote application upgrade capability.
Can we enable SBSFU internal loader in case of recovery mechanism condition only, as No valid application exist ?? if we enable, the what is the RISC of Security ??
Solved! Go to Solution.
2022-06-07 01:58 AM
@Fred Thanks for your deep insights and understandings. These details are really very helpful for us 😊 .
Yeash, understood, the design should by defined by us, i think to avoid bricked device, in case of invalid application or NO application, we may take SBSFU local LOADER approach.
Thanks Again.
2022-06-15 08:19 AM
@Fred @Jocelyn RICARD is there any examples exist to check this antirollback mechanism for STM32H753 ?? I want to clearly understood when and how it works, as from source it is little bit tough to understand.
Please help on this.
2022-06-16 01:52 PM
First of all, if you want to experiment the anti-rollback feature, you must not enable ENABLE_IMAGE_STATE_HANDLING. Otherwise, a rollback might occur if the new image is not validated.
This being said, experimenting this feature is not described in the UM2262, but you can do it easily.
Let's assume you have compiled all the projects and installed a version 1 of the User application.
What you can do is:
1.Open the UserApp project in the IDE
2. Change the version in the postbuild step:
cmd /C "cmd /C $PROJ_DIR$\..\..\2_Images_SECoreBin\EWARM\PostBuild.bat "$PROJ_DIR$" "$TARGET_PATH$" "$PROJ_DIR$\UserApp.bin" 1 1" ==> put 2 instead of 1 for the last parameter
3. Install this new version (fw version = 2) and save the .sfb as firmware_version2.sfb
4. Back to UserApp project in iht eIDE, tune the postbuild step to create version 3
5. Install version 3
6. Check that if you try to reinstall version 2, it is rejected (try installing firmware_version2)
7. Clean-up your board and reinstall version 2
8. Start installing version 3, execute a RESET (press black button) after decrypt, while the swap is in progress: after RESET, the installation should be resumed and firmware 3 should be installed.
(Alternate option: you can do the RESET during the decrypt, in this case the installation should not be resumed as we cannot resume the decrypt operation).
2022-06-20 12:08 AM
Yes @Fred I experimented whatever you said, it is working fine.
But in the production field, if you want us to implement rollback feature, need to enable IMAGE_STATE_HANDLING feature right ??
if so, what kind of changes needed in application to validate the firmware image ??