Firmware Protection

bsuthar · ‎2026-03-12

Hello Team,

We have faced the Firmware ( hex file ) theft by Reverse engineering , Our competitor 2 Times. Yes, Two times , while RDP1 is set. We do not have contarct Manufacture in our whole process.

Even Reading / Comparing intertlock of 96 bit UID failed.

MCU is STM32F303.

Can any one suggest a very high Strong Method which ensue complete guarantee for Firmware Protection from any threats. ?

It seems STM32 is so famous that , its weak-leak point also Known.

Getting Assembly / might be "C" code from Hex file looks Staright forward to crackers.

TDK · ‎2026-03-12

Don't give out your HEX file, keep programming in-house.

Use a chip with better security features.

> complete guarantee for Firmware Protection from any threats

Such a thing does not exist.

If you feel a post has answered your question, please click "Accept as Solution".

Andrew Neil · ‎2026-03-12

@bsuthar wrote:
theft by Reverse engineering

What, exactly, do you mean by that?

If it's just "observing the external behaviour" - then no firmware protection can protect against that!

A complex system that works is invariably found to have evolved from a simple system that worked.
A complex system designed from scratch never works and cannot be patched up to make it work.

bsuthar · ‎2026-03-12

@TDK , Of Course we do not give Hex file , Programming and eveything In-house only.

-> Use a chip with better security features

Are U pointing out to H5 / H7 Series ?

Since Product already sold in Qty , we need to maintain STM32F303 Firmware. yes, we can add external security chip. Would below work ?
https://www.st.com/en/secure-mcus/stsafe-a110.html

->Such a thing does not exist

Ohh, thats horrible. then curiouse to know what major brand do for thier security ?

@Andrew Neil

->theft by Reverse engineering

Exactly do not know, but by physical chip attack, opening MCU top dip cover , using specialised machine to extact the fimware by bypassing SWD interface. Few comapny do this pofessionally in china.

Jocelyn RICARD · ‎2026-03-13

Hello @bsuthar ,

STM32F3 family is very old and RDP mechanism is not robust against physical attacks.

You can check this by looking for CVEs. (Common Vulnerability and Exposures) and also the PSIRT page especially the TN1489 : Security bulletin TN1489-ST-PSIRT: Physical attacks on STM32 and STM32Cube firmware"

Important point: "If a service or a feature of an STM32 product is not certified as having physical attacker resistance, such STM32 product should not be considered resistant to physical attacks"

So, whatever level you use RDP1 or RDP2, firmware can be potentially extracted using physical attacks.

The robustness of the readout protection only concerns the debug link.

This statement concerns all STM32 "old" families that are not certified SESIP and PSA Level 3.

This certification insures that readout mechanism cannot be bypassed using board level attacks.

It is not an insurance against chip level attacks which is only addressed by secure elements.

Best regards

Jocelyn

bsuthar · ‎2026-03-14

Hello @Jocelyn RICARD ,

Thanks for clarification.

PSA Level 3 Device names as follow :

1. STM32H523 and STM32H533 with Security Services ( Not sure what Services ?) ,

2. STM32C0xx ,

3. STM32U5 series and

4. STM32H7Sxx series MCUs.

Correct me if i am missing...

With PSA L3 certified chip, Security is Guarnteed ? ( as it mentiones Software IP-Protection USP)

However , PSA L4 is also available. would it be good choice than L3 ?

I could not landed on proper page with : CVEs. (Common Vulnerability and Exposures) u mentioned.

-Bhupendra