cancel
Showing results for 
Search instead for 
Did you mean: 

STiROT provisioning on stm32h533

lautiq
Visitor

Hello ST Community,

I’m working on a project using STiROT with TrustZone on an STM32H533, based on the example STiROT_Appli_TrustZone provided in the STM32Cube_FW_H5_V1.5.0 firmware package for the STM32H573. I adapted this example to the H533 and generated the project using CubeMX.

CubeMX successfully created the ROT_Provisioning folder with all necessary scripts (postbuild.bay, XML files, etc.), and I’m using Keil uVision5 for building the project.

However, I’m facing two key issues:

  1. Provisioning and Postbuild Issues:

    • When running the provisioning.bat script, I get this error:
      "Error: appli_enc_sign.hex does not exist use TPC to generate it."
      Checking the log file (ob_flash_programming.log), this suggests the postbuild process isn’t properly generating the encrypted and signed image.

    • The postbuild.bat script also reports:
      "Imgtool ::  Input file not found"

      The binary is being generated in this directory: "C:\ProjectRoot\Binary\appli_s.bin"
      But my project is located here:  "C:ProjectRoot\App_STiRoT_TZ"
      TheSTiRoT_Code_Image.xml references the binary with this relative path:
      <Value>../../../Binary/appli_s.bin</Value>
      <Default>../../../Binary/appli_s.bin</Default>
      I’m wondering if this is the right structure or if the binary should be inside the project folder, like: "C:\ProjectRoot\App_STiRoT_TZ\Binary"

  2. Application Not Executing:
    Even when I manage to provision the board without errors, the application doesn’t seem to execute. For example, the LED that should turn on in my application doesn’t light up — indicating the firmware might not be running or jumping to the non-secure application as expected.

Question:

  • Are the provisioning files generated by CubeMX meant to work without modification, or do they require adjustments?
  • What could cause the application not to start after provisioning, even if there are no reported errors?
  • Are there any checks I can do to confirm if the firmware is being validated and executed by STiROT?

Any help would be greatly appreciated!
Best regards,
Lautaro

0 REPLIES 0