2024-10-10 07:04 AM - edited 2024-10-10 07:06 AM
Hi @Jocelyn RICARD
Greetings
We have a query from our support team
"known vulnerability in the STM32U5 series related to the JTAG lock when using RDP (Readout Protection) Level 2."
Is it advisable to proceed with this implementation, or should we consider alternative solutions?
Reference:
STM32 JTAG lock vulnerability with RDP Level 2: SECGlitcher (Part 1) - Reproducible Voltage Glitching on STM32 Microcontrollers - SEC Consult (sec-consult.com)
How can this vulnerability be resolved, or is there any other suggestion in this regard?
Thanks again
Philip
2024-10-10 08:26 AM
Hello Philip,
As far as I know there is no known vulnerability on the RDP of the STM32U5.
The link you provide concerns old STM32 devices that were designed before glitching attacks became common and when security was not yet a big concern.
The STM32U5 was certified SESIP Level 3 with board-level robustness.
Most of the new STM32 devices have or will soon get the certification.
You can have a look at this page showing which products have a certification.
You can find certificate details on the TrustCB page here.
Regarding the STM32 devices that have no such certification, you can check the ST PSIRT page here,
where you will find all the security bulletins and advisories.
In particular, TN1489-ST-PSIRT addresses all STM32 devices that don't have any certification:
"Regarding STM32 products and their resistance to physical attacks:
Unless an STM32 product is SESIP or PSA certified as having a security assurance level covering physical attacker
resistance, it may be vulnerable to physical attacks"
In conclusion, STM32U5 is not concerned by the attack you mention.
Best regards
Jocelyn
2024-10-10 10:13 PM
Hi @Jocelyn RICARD
Greetings
Thanks for your update. This information is really helpful for us to continue with further processes.
Best Regards
Philip