How to implement secure boot on STM32 MCU

Meenakshi · ‎2024-09-23

Hi,

I'm using STM32F423ZHT6 MCU board. I want to implement the FOTA as well as Scure Boot on my EVAL board. But I don't have much knowledge about Secure Boot.

So, I refer https://www.st.com/en/embedded-software/x-cube-sbsfu.html and AN5056.

The SBSFU package have some STM32F413- Discovery board example.

How to write a crypto in MCU board?. Is there example code is available.

Then how to check if my scure boot is sucessfully add to my MCU?

Regards,

Mee

Jocelyn RICARD · ‎2024-09-24

Hello @Meenakshi ,

you just need to port the SBSFU example on your target.

Disable first all the protections un app_sfu.h, try using a UART interface to see the traces and adapt or remove the led and push button.

STM32F413 and F423 are the same chip. F423 had only hw accelerated AES enabled. But you don't need this for secure boot.

Best regards

Jocelyn

Meenakshi · ‎2024-09-25

Hi @Jocelyn RICARD ,

Thanks for your reply.

I opened the example code: C:\secureboot\STM32CubeExpansion_SBSFU_V2.6.2\Projects\STM32F413H-Discovery\Applications\2_Images\2_Images_SBSFU\STM32CubeIDE

"you just need to port the SBSFU example on your target." -> I stuck on this process. What are the file I would add to my target project.

Can you please help me?

Regards,

Meenakshi.

Jocelyn RICARD · ‎2024-09-25

Hello @Meenakshi ,

Please have a look to this video explaining how secure boot works.

It is using STM32L4 but principle is exactly the same.

SBSFU is a separate application that you build independently from your application.

Best regards

Jocelyn