Showing results for 
Search instead for 
Did you mean: 

Query on TFM_Boot,TFM_APPLI and TFM_Loader in STM32U5

Associate III

Hello supportTeam,

Enjoy your day.

I'm developing a firmware upgrade function(Bootloader). STM32U585ZIT6 series controller was chosen by us for our product development, and B-U585I-IOT02A development kit was used for POC.

A firmware update solution is given to the ST Team below i explain which i understand
1. TFM_BOOT(The bootloader)
2. TFM_APPLI( it is execute with our running application and received bin file through y-modem protocol )
3. TFM_LOADER (it runs independently and receives bin files using Ymodem technology).
I successfully upgraded firmware using the above technique and also successfully built using the Enable swap mode functionality.

While TFM_LOADER works independently, TFM_APPLI works with our active application project.
however as I'll discuss below, I have some questions about TFM_APPLI and TFM_LOADER.

1.can I integrate the TFM_APPLI feature (test protection, test TFM, validate secure and non-secure image, and re-install secure and non-secure image) into the TFM_LOADER code? Because the firmware upgrade process must operate independently, in the same way TFM_LOADER, how can this capability be added in TFM_LOADER?

an other choice is TFM_APPLI, that works independently like TFM_LOADER. So, how do you configure TFM_APPLI such that it operates independently?

2.Initial_attestation_priv_key for TFM_Boot is fixed; thus, when this product goes into production, can I change the private key using a y modem command?

Please provide a guidance on above point

Hiren R. Thumar