FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OEMiROT Swap Mode with Single Image (Secure Only) – Binary Not Generated

stst9187
Associate III

‎2026-05-15 12:30 AM

Hi,

I am currently testing OEMiROT and I performed the following 3 tests.

Test 1: Default example

(Overwrite mode enabled + separate Secure and Non-Secure applications)
How to start with OEMiRoT on STM32U3 - stm32mcu

Project:

  • OEMiROT_Appli_TrustZone
  • OEMiROT_Boot

Configuration:

#define MCUBOOT_OVERWRITE_ONLY
/* Defined: FW installation uses overwrite method.
   Undefined: FW installation uses swap mode. */

#define MCUBOOT_APP_IMAGE_NUMBER 2
/* 1: S application only if FLASH_NS_PARTITION_SIZE = 0,
      otherwise S and NS binaries assembled in one single image.
   2: Two separated images for S and NS applications. */

#define MCUBOOT_S_DATA_IMAGE_NUMBER 0
#define MCUBOOT_NS_DATA_IMAGE_NUMBER 0

This test works correctly.

Test 2:

(Swap mode enabled + separate Secure and Non-Secure applications)

Project:

  • OEMiROT_Appli_TrustZone
  • OEMiROT_Boot
/* #define MCUBOOT_OVERWRITE_ONLY */
/* Undefined: FW installation uses swap mode. */

#define MCUBOOT_APP_IMAGE_NUMBER 2

#define MCUBOOT_S_DATA_IMAGE_NUMBER 0
#define MCUBOOT_NS_DATA_IMAGE_NUMBER 0

This test also works correctly.

Test 3:

(Swap mode enabled + Secure-only application / single image)

Project:

  • OEMiROT_Appli_Secure
  • OEMiROT_Boot
/* #define MCUBOOT_OVERWRITE_ONLY */
/* Undefined: FW installation uses swap mode. */

#define MCUBOOT_APP_IMAGE_NUMBER 1
/* Single image configuration */

#define MCUBOOT_S_DATA_IMAGE_NUMBER 0
#define MCUBOOT_NS_DATA_IMAGE_NUMBER 0

In this case, the binary for the OEMiROT_Appli project is not generated.

Has anyone already tested the configuration with no separation between Secure and Non-Secure applications?

Any feedback or suggestions would be appreciated.

Thank you,

Marco

Labels:
0 Kudos
1 REPLY 1
stst9187
Associate III

‎2026-05-15 1:17 AM

Hi,

small update regarding my previous post.

I am now able to generate the binary files correctly with the single-image configuration.

stst9187_0-1778832981578.png

 

However, when I run provisioning.bat, I get the following error:

Error: File does not exist: oemirot_tz_app_init_sign.bin

The issue is that inside the Binary directory the generated file has a different name:

oemirot_tz_s_app_init_sign.bin

So it seems that the provisioning script is looking for:

  • oemirot_tz_app_init_sign.bin

while the generated file is:

  • oemirot_tz_s_app_init_sign.bin

Has anyone already encountered this issue with the single-image / Secure-only configuration?

Thank you.

Marco

0 Kudos
Top