Moving STM32U585 back from RDP level 2 to blank state

ELuca.2 · ‎2023-06-23

Hello,

I need a quick confirmation. Assuming I have correctly provisioned OEM1KEY and OEM2KEY and I don't use OTP memory, I will always be able to revert my STM32U585 chip from RDP level 2 to blank state (RDP level 0, erased Flash, TrustZone disabled) and then be able to program again a brend new firmware.

Is that right?

Jocelyn RICARD · ‎2023-06-23

Hello @ELuca.2 ,

Yes, on STM32U5 if you properly provisioned the OEM2KEY, you can regress to RDP1. This regression will allow you to connect to the board and perform a regression to RDP0.

If you provision a OEM1KEY you will need to provide if also.

I'm not sure why you mention OTP memory in this context.

Best regards

Jocelyn

View solution in original post

AScha.3 · ‎2023-06-23

If you feel a post has answered your question, please click "Accept as Solution".

Jocelyn RICARD · ‎2023-06-23

Hello @ELuca.2 ,

Yes, on STM32U5 if you properly provisioned the OEM2KEY, you can regress to RDP1. This regression will allow you to connect to the board and perform a regression to RDP0.

If you provision a OEM1KEY you will need to provide if also.

I'm not sure why you mention OTP memory in this context.

Best regards

Jocelyn

ELuca.2 · ‎2023-06-23

Thank you Jocelyn,

I mentioned OTP because even after RDP regression these data cannot be put back at the initial value, when the chip was taken out of the box.

One more question: you seem to say that OEM2KEY would be sufficient to revert from RDP 2 to 0. I don't need to provision OEM1KEY?

Jocelyn RICARD · ‎2023-06-27

Hi @ELuca.2

first OTP is independent. So using or not OTP will not change RDP behaviour.

OEM2KEY is mandatory to regress from RDP2 to RDP1.

Then, once in RDP1, if you provisioned an OEM1KEY, you must provide it to regress to RDP0. If you didn’t, you can regress to RDP0 like legacy.

Best regards

Jocelyn