
Facing issue in erase, read and update of secure firmware in STM32U585ZIT6Q using UART1 with TrustZone option enabled

JShah.7
Associate III

Hi;

I am using the STM32U585ZIT6Q controller in my current project. I have enabled the TrustZone option. I am using the dual-bank option too.

I have created two partitions in both banks, as in the attached image.

When I try to update firmware using STM32CubeProgrammer, I am able to read and erase the non-secure section, as well as update firmware using the system bootloader via USART1. But when I try to erase, read and update the secure section, I am not able to do that.

I have set RDP to level 0 (default).

The nBOOT0 pin level is high for boot mode.

Please guide me on the same.

4 REPLIES
Jocelyn RICARD
ST Employee

Hello @JShah.7,

The system bootloader runs in non-secure.

You have set the secure watermarks in the option bytes to select the flash range that will run in secure.

System bootloader cannot access this part.

One possible solution is to temporarily change the secure watermarks to set all flash unsecure, flash the secure part and then put back the watermarks.

But all in all, this is not a very secure way to update your device ...

Best regards

Jocelyn
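An added illustration of the watermark point above (not code from this thread or from ST): a host-side pre-flight check that classifies a flash range against the secure watermarks before a system-bootloader operation is attempted. The 8 KB page size, 128 pages per bank, inclusive PSTRT..PEND semantics and linear bank mapping are assumptions to confirm against the STM32U5 reference manual; block-based security and bank swap are ignored, and all names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define FLASH_BASE_NS  0x08000000u /* non-secure alias, start of bank 1 */
#define PAGE_SIZE      0x2000u     /* assumed: 8 KB flash pages */
#define PAGES_PER_BANK 128u        /* assumed: 1 MB per bank, dual-bank */

typedef enum { RANGE_NONSECURE, RANGE_SECURE, RANGE_MIXED, RANGE_INVALID } range_class_t;

/* One watermark pair per bank: pages pstrt..pend (inclusive) are secure.
 * pstrt > pend is taken to mean "no watermark-secure pages in this bank". */
typedef struct { uint8_t pstrt, pend; } secwm_t;

static int page_is_secure(const secwm_t wm[2], uint32_t page)
{
    const secwm_t *b = &wm[page / PAGES_PER_BANK];
    uint32_t p = page % PAGES_PER_BANK;
    return b->pstrt <= b->pend && p >= b->pstrt && p <= b->pend;
}

/* Classify [addr, addr+len) so a flashing script can refuse ranges that the
 * non-secure system bootloader would not be able to read, erase or write. */
range_class_t classify_range(const secwm_t wm[2], uint32_t addr, uint32_t len)
{
    const uint32_t total = 2u * PAGES_PER_BANK * PAGE_SIZE;
    if (len == 0 || addr < FLASH_BASE_NS) return RANGE_INVALID;
    uint32_t off = addr - FLASH_BASE_NS;
    if (off >= total || len > total - off) return RANGE_INVALID;

    uint32_t first = off / PAGE_SIZE, last = (off + len - 1u) / PAGE_SIZE;
    unsigned sec = 0, nsec = 0;
    for (uint32_t p = first; p <= last; p++) {
        if (page_is_secure(wm, p)) sec++; else nsec++;
    }
    if (sec && nsec) return RANGE_MIXED;
    return sec ? RANGE_SECURE : RANGE_NONSECURE;
}

int main(void)
{
    /* Constructed sample: first half of each bank secure, second half not. */
    const secwm_t wm[2] = { {0, 63}, {0, 63} };
    static const char *name[] = { "non-secure", "secure", "mixed", "invalid" };
    printf("0x08000000: %s\n", name[classify_range(wm, 0x08000000u, 0x2000u)]);
    printf("0x08080000: %s\n", name[classify_range(wm, 0x08080000u, 0x80000u)]);
    printf("0x0807E000: %s\n", name[classify_range(wm, 0x0807E000u, 0x4000u)]);
    return 0;
}
```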

Piranha
Chief II

When security is needed, the system bootloader is basically useless. And it doesn't work with RDP level 2 anyway.

JShah.7
Associate III

Thanks,

Can I use the SBSFU option with the system bootloader if TrustZone is disabled?

Jocelyn RICARD
ST Employee

Hello @JShah.7,

The SBSFU provided in the STM32Cube U5

STM32Cube_FW_U5_V1.2.0\Projects\B-U585I-IOT02A\Applications\SBSFU\

requires TZ to be enabled. The reason is that with TZ enabled, you also enable security features such as HDP, used to protect secure boot code and keys.

SBSFU is provided with a standalone loader project using the Ymodem protocol as an example.

You can adapt this loader using OpenBootloader (provided here STM32Cube_FW_U5_V1.2.0\Projects\B-U585I-IOT02A\Applications\OpenBootloader) so that you can use the serial interface you want.

To come back to your question, instead of implementing this loader in flash it may be possible to jump to the system bootloader. This would probably require some preparation on the secure side (to give the system bootloader access to the peripherals, RAM and flash non-secure areas).

Once in the system bootloader you would be able to download a binary into a specific predefined area (obviously non-secure). Then you would need to have a way to reset the target (the system bootloader does not provide such a service) to give back access to the secure boot and to perform the secure installation of the new firmware.

As you can see this could be challenging.

So, I would advise using the ready-to-use SBSFU solution and only adapting the loader.

Best regards

Jocelyn