FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32H573 code protection

abba
Associate II

‎2025-10-01 6:54 PM - edited ‎2025-10-01 6:57 PM

How can the debug interface on the STM32H573 be permanently locked via nonvolatile configuration or fuse?

The SBS chapter of the manual says

The debug configuration can be locked thanks to DBGCFG_LOCK in SBS_DBGLOCKR.
SBS_DBGCR is then no longer writable.
When DBGCFG_LOCK is set to 1, it can be reset only by system or power-on reset.

So SBS_DBGLOCKR is not what I want, as it is not permanent.

The manual refers to PRODUCT_STATE in several places. The "SBS Signals" table in the manual says that the sbs_product_state signal comes from Flash memory:

Signal based on PRODUCT_STATE option byte to activate the different security
mechanisms depending on the product use. Expected values are described in
Section 7: Embedded flash memory (FLASH).

However, there is no mention of this signal in Section 7. What is the Flash programming procedure to change sbs_product_state?

Labels:
0 Kudos
1 REPLY 1
Frantz LEFRERE
ST Employee

‎2025-10-01 11:13 PM - edited ‎2025-10-01 11:13 PM

hello @abba 

I would recommend to have a look in the product state description in the wiki :

https://wiki.st.com/stm32mcu/wiki/Category:Security_with_STM32H5#Product_State

https://wiki.st.com/stm32mcu/wiki/Security:Product_state_for_STM32H5


If you want to deactivate the debug link permanently without any way to reopen it then just move to Closed state.
Be carefull in such config no way to reopen the device.
This is just an option byte that could be program thanks debuging link or from the embedded sofware.

Related article :

https://wiki.st.com/stm32mcu/wiki/Security:Debug_Authentication_for_STM32H5

Br,

Frantz 

0 Kudos
Top