cancel
Showing results for 
Search instead for 
Did you mean: 

Is Read-out-protection Level1 compatible with IAP ?

Selso LIBERADO
Associate III
Posted on June 25, 2018 at 19:53

For a customer I want to set RDP Level1 on STM32F4, and put in first sector a bootloader that manager a jump to DFU for device upgrade.

I set the RDP L1 by code at init, and disable it with STMCubeProgrammer.

Will the IAP also be erased with the application code ? How Can I prevent it ?

The AN3965 descirbes an IAP that is not compatible : 

Note: In this application, the read protection is not supported, so the user has to verify that the

Flash memory is not read-protected.

Is there another way to protect code content against reading ?

#stm32-iap #rdp-level-1
3 REPLIES 3
Posted on June 25, 2018 at 20:06

Presumably if you use DFU the firmware will be in plain-text.

You should look at coding your own loader and PC side utilities. Can't say I've wasted a lot of time on RDP recently, but code on the chip should be able to selectively erase, write and read the FLASH. The System Loader has a lot of features suppressed to prevent code removal.

To protect the code you first need to understand how the system works internally better than the people you hope to protect the system against. These are people that read the manuals, and experiment with the functionality as implemented, to understand the limitations and vulnerabilities.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
Posted on June 26, 2018 at 10:58

I understand that, but you may also think that the customer doesn't want to pay for such work.

So that using ST protection is a quite efficient way to say that not 'everybody can retrieve the code', and may be sufficient to the customer.

For now the firmware is plain-text, but implementing a tool based on Dfuse library that managed crypted firmware is still something that can be 'valued' to the customer.

Posted on June 26, 2018 at 14:12

>>I understand that, but you may also think that the customer doesn't want to pay for such work.

Yeah, I'd like the garage to service my car for free, but they want about $85/hr + parts & materials.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..