
STiRoT Provisioning of STM32H573 over SPI

RomThi
Associate II

Hi all,

We are developing a product with the STM32H573. The idea is to use the STiRoT for secure firmware update. The MCU is connected to a Linux CPU via SPI. Now we plan to do the provisioning during production using the Linux CPU, which has an Ethernet connection to the outside world.

The question is: Is that possible? Is the boot pin required or is a jump to bootloader sufficient?

I have modified the provisioning scripts to use UART and I have tested it using the H573DK eval board, but it failed. This is because after programming the option bytes the bootloader is not starting again, as STiRoT gets activated. Maybe the sequence can be modified?

What are the detailed steps? E.g. what is the RSS doing and how?

 

Thx,

Roman

Jocelyn RICARD
ST Employee

Hello @RomThi ,

In order to make sure the full provisioning can be done through system bootloader, I created a small script to make things simple.

This script assumes that you have already a STiROT configuration properly setup and all files have been generated.

Here it is:

set Prog="C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe"
set COMPORT=COM204
:: BOOT0 pin should be tied to VDD
:: Erase all, BOOT_UBE set to 0xB4 to ensure we boot on bootloader
:: Enable TrustZone
%Prog% -c port=%COMPORT% -e all -ob  BOOT_UBE=0xB4  -ob  TZEN=0xB4
:: Reset some option bytes as it is done in original script
%Prog% -c port=%COMPORT% -ob SRAM2_RST=0 SRAM2_ECC=0 SECWM1_STRT=1 SECWM1_END=0 WRPSGn1=0xffffffff WRPSGn2=0xffffffff SECWM2_STRT=1 SECWM2_END=0 HDP1_STRT=1 HDP1_END=0 HDP2_STRT=1 HDP2_END=0 SECBOOT_LOCK=0xC3
:: Download application and set secure watermarks : To be adapted with actual mapping
%Prog% -c port=%COMPORT%  -d ..\..\Applications\ROT\STiROT_Appli_TrustZone\Binary\appli_enc_sign.hex -ob SECWM1_STRT=0x0 SECWM1_END=0x2 SECWM2_STRT=0x7F SECWM2_END=0x0
:: Switch to provisioning state.
%Prog% -c port=%COMPORT% -ob PRODUCT_STATE=0x17
:: In provisioning state, RSS/bootloader is only boot option.
:: Provision DA and STiROT configuration 
%Prog% -c port=%COMPORT% -sdp ./../DA/Binary/DA_Config.obk -sdp ./Binary/STiRoT_Config.obk  -sdp ./Binary/STiRoT_Data.obk
:: Enable STiROT and lock boot
%Prog% -c port=%COMPORT% -ob BOOT_UBE=0xC3 SECBOOT_LOCK=0xB4
:: Switch to Closed state
%Prog% -c port=%COMPORT% -ob PRODUCT_STATE=0x72
:: Once product state is closed, only possible boot is STiROT.
:: To reopen, launch regression script.

This is supposed to be run from STM32Cube_FW_H5_V1.3.0\Projects\STM32H573I-DK\ROT_Provisioning\DA\

I tested with last version of STM32CubeProgrammer 2.17

I used STiROT_Appli_TrustZone example meaning firmware is composed of secure and non secure applications.

If you have developed your own application, you will need to adapt the secure watermark values at line 10.

Warning: The last command that closes the product is stuck for around 40 seconds and then times out because it is not able to reconnect. I already raised a ticket some time ago to manage this closure more properly: when closing, the programmer should just check that it cannot connect any more and stop.

I hope this will help

Best regards

Jocelyn

Hello Jocelyn,

thank you very much. I have tested it and it works. It's very simple and understandable.

 

But I got an error in line 17, because the SECBOOT_LOCK could not be set.

See here:

Error: Expected value for Option Byte "secboot_lock": 0xB4, found: 0x0
Error: Option Byte Programming failed Or modified by application after OB_LAUNCH

As it is working, I will remove that step. Is that okay?

 

I have run my script from ".\Projects\STM32H573I-DK\ROT_Provisioning\STiROT" and I have used the "STiROT_Appli".

Here is my modified script:

set Prog="C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" 
set COMPORT=COM66 
:: BOOT0 pin should be tied to VDD
:: Erase all, BOOT_UBE set to 0xB4 to ensure we boot on bootloader
:: Enable TrustZone
%Prog% -c port=%COMPORT% -e all -ob BOOT_UBE=0xB4 -ob TZEN=0xB4
:: Reset some option bytes as it is done in original script
%Prog% -c port=%COMPORT% -ob SRAM2_RST=0 SRAM2_ECC=0 SECWM1_STRT=1 SECWM1_END=0 WRPSGn1=0xffffffff WRPSGn2=0xffffffff SECWM2_STRT=1 SECWM2_END=0 HDP1_STRT=1 HDP1_END=0 HDP2_STRT=1 HDP2_END=0 SECBOOT_LOCK=0xC3 
:: Download application and set secure watermarks : To be adapted with actual mapping 
%Prog% -c port=%COMPORT% -d ..\..\Applications\ROT\STiROT_Appli\Binary\appli_enc_sign.hex -ob SECWM1_STRT=0x0 SECWM1_END=0xF SECWM2_STRT=0x7F SECWM2_END=0x0 
:: Switch to provisioning state. 
%Prog% -c port=%COMPORT% -ob PRODUCT_STATE=0x17 
:: In provisioning state, RSS/bootloader is only boot option.
:: Provision DA and STiROT configuration 
%Prog% -c port=%COMPORT% -sdp ./../DA/Binary/DA_Config.obk -sdp ./Binary/STiRoT_Config.obk -sdp ./Binary/STiRoT_Data.obk 
:: Enable STiROT and lock boot 
%Prog% -c port=%COMPORT% -ob BOOT_UBE=0xC3 
:: Switch to Closed state 
%Prog% -c port=%COMPORT% -ob PRODUCT_STATE=0x72 
:: Once product state is closed, only possible boot is STiROT. 
:: To reopen, launch regression script.
PAUSE

 

Best regards,

Roman

Jocelyn RICARD
ST Employee

Hello @RomThi ,

Yes, I confirm this setting does not work in the context of bootloader usage.

If you look into the original script, the comment associated with this setting is:

"SECBOOT_LOCK should be set to 0xB4 (locked) to be compliant with certification document"

Now, in STiROT context, this setting is redundant with BOOT_UBE which cannot be changed once in Closed state.

Best regards

Jocelyn
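
A pre-flight check for the provisioning sequence discussed in this thread, as an added example that is not part of any post here and is not ST tooling. It parses a batch script's `-ob` and `-sdp` arguments and flags steps that are missing or out of order relative to the sequence shown above, plus the `SECBOOT_LOCK=0xB4` setting reported to fail over the bootloader; the function names and the abridged sample are assumptions made for illustration.

```python
import re

# Constructed sample: command lines abridged from the modified script in this
# thread (flash download and watermark arguments omitted for brevity).
SAMPLE = r"""
:: Erase all, boot on bootloader, enable TrustZone
%Prog% -c port=%COMPORT% -e all -ob BOOT_UBE=0xB4 -ob TZEN=0xB4
%Prog% -c port=%COMPORT% -ob PRODUCT_STATE=0x17
%Prog% -c port=%COMPORT% -sdp ./../DA/Binary/DA_Config.obk -sdp ./Binary/STiRoT_Config.obk
%Prog% -c port=%COMPORT% -ob BOOT_UBE=0xC3
%Prog% -c port=%COMPORT% -ob PRODUCT_STATE=0x72
"""

TOKEN = re.compile(r"-sdp\s+\S+|(\w+)=(0x[0-9a-fA-F]+|\d+)\b")

def events(script):
    """Flatten a script into ordered (name, value) events; '::' comments are skipped."""
    out = []
    for line in script.splitlines():
        if line.lstrip().startswith("::"):
            continue
        for m in TOKEN.finditer(line):
            out.append((m.group(1).upper(), int(m.group(2), 0)) if m.group(1) else ("SDP", None))
    return out

def lint(script):
    """Return findings for steps that are missing or out of order."""
    ev = events(script)
    def first(name, value=None):
        return next((i for i, e in enumerate(ev) if e == (name, value)), None)
    prov, sdp = first("PRODUCT_STATE", 0x17), first("SDP")
    ube, closed = first("BOOT_UBE", 0xC3), first("PRODUCT_STATE", 0x72)
    findings = []
    if sdp is None:
        findings.append("no -sdp step: DA/STiROT OBK files are never provisioned")
    elif prov is None or prov > sdp:
        findings.append("-sdp used before PRODUCT_STATE=0x17 (provisioning state)")
    if closed is not None and (sdp is None or sdp > closed):
        findings.append("PRODUCT_STATE=0x72 (closed) set before provisioning")
    if closed is not None and (ube is None or ube > closed):
        findings.append("PRODUCT_STATE=0x72 (closed) set before BOOT_UBE=0xC3")
    if first("SECBOOT_LOCK", 0xB4) is not None:
        findings.append("SECBOOT_LOCK=0xB4: fails verification over the bootloader per this thread")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE) or ["sequence OK"]:
        print(finding)
```

The ordering rules encode only the sequence used in the scripts above, so a production line using a different flow would need its own rules.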