2025-03-09 7:14 AM - edited 2025-03-09 7:15 AM
Hello ST,
We are developing a device and we want to provide free FW updates if some bugs occur.
Updates will be flashed via DFU - USB communication.
Currently we are using STM32F411CEU6.
Can you recommend the best options for protecting the FW from being copied to a non-original board? Is it possible? Or will the only option be to use your new MCUs with the firmware encryption feature? Can you suggest a pin-to-pin replacement for the F411?
Thank you
Best regards,
Martin
2025-03-10 2:10 PM
Hello @MartinL ,
If you use USB DFU communication to download your firmware, you will provide an update feature but without any security. The firmware will be provided in binary but in clear. This means a hacker could possibly adapt it to another board.
The only way to ensure your firmware is not used for other purposes is to encrypt it and use a secure boot.
You can have a look at the X-CUBE-SBSFU solution provided on st.com. There is one example provided for STM32F413 that you can easily port to STM32F411.
After compilation and link, the IDE will launch a postbuild script that will sign and encrypt the firmware.
The secure boot on the STM32 will be able to check the signature and decrypt the firmware.
The update link provided in this example is the UART with Ymodem protocol. It can be changed to use a USB-based protocol like DFU.
STM32F4 is quite old now and is not resistant to board-level attacks such as power glitching.
If you want to increase the level of security, the STM32H5 can be used as a replacement with minimum impact on the PCB. To be checked with available parts.
STM32H5 is certified PSA and SESIP Level 3, meaning that security mechanisms are resistant to board-level attacks. In that case you will also need to use a secure boot. Here the solution is provided as part of the STM32H5Cube. You can find lots of documentation on the ST wiki on this topic.
Best regards,
Jocelyn
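The flow described in the answer above (a post-build step that encrypts and authenticates the image, and a bootloader that checks it before decrypting), as an added example that is not part of the thread and is not X-CUBE-SBSFU code. The header layout, key names and function names are assumptions; to run with the Python standard library only, an HMAC-SHA256 tag stands in for the signature and an HMAC-based keystream stands in for the cipher.

```python
import hashlib, hmac, struct

MAGIC = b"FWU1"                      # constructed header magic (assumption)
HDR = struct.Struct("<4sII16s")      # magic, version, payload length, nonce

def _keystream_xor(key, nonce, data):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), stdlib only.
    # A product would use a vetted AES mode here instead.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + struct.pack("<I", off // 32),
                       hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def package(firmware, version, enc_key, auth_key, nonce):
    """Build-host side: encrypt, then authenticate header + ciphertext."""
    body = _keystream_xor(enc_key, nonce, firmware)
    header = HDR.pack(MAGIC, version, len(body), nonce)
    # Symmetric tag as a stand-in for the signature: with a real asymmetric
    # signature the device would hold only a public key.
    tag = hmac.new(auth_key, header + body, hashlib.sha256).digest()
    return header + body + tag

def bootloader_accept(image, enc_key, auth_key):
    """Device side: return the plaintext firmware, or None if rejected."""
    if len(image) < HDR.size + 32:
        return None
    header, body, tag = image[:HDR.size], image[HDR.size:-32], image[-32:]
    magic, _version, length, nonce = HDR.unpack(header)
    if magic != MAGIC or length != len(body):
        return None
    expected = hmac.new(auth_key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # authenticate before decrypting
        return None
    return _keystream_xor(enc_key, nonce, body)

# Constructed sample data, not real keys or firmware. The nonce is fixed here
# only to keep the example deterministic; it must be fresh for every image.
ENC_KEY, AUTH_KEY = b"E" * 32, b"A" * 32
FIRMWARE = b"\x00\x20\x00\x20" + b"application code " * 8
IMAGE = package(FIRMWARE, 2, ENC_KEY, AUTH_KEY, nonce=b"\x01" * 16)
```

The file sent over DFU is `IMAGE`; it contains no cleartext code, and a cleartext or modified image is refused before anything is decrypted.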
2025-03-13 12:41 AM
Hello @jocelyn
Thanks for the information. We will try it and get back if some complication occurs.
Best regards,
Martin