2025-11-11 6:30 AM
MPU: STM32H753AII6
Connection:
Probe: J-Link V11.00 / SW version V7.98c
STM toolset: STM32 Cube Programmer / Trusted Package Creator v2.20.0
SFI programming fails with error:
Error: SECURITY State Fail
Error: Invalid state after SFI install !
Error: RSS internal system error or License is invalid !
I also tried against the STM32H757I-EVAL board, which has a compatible CPU, with the same result.
-----
HSM provisioning
For Personalization Data I chose the group with the H753 in it, and from the 4 options in the dropdown list the combination of "SFI" and Device ID "45002001", which is how the STM32H753 identifies.
For the simplified example, there is only one section of code starting from the default address 0x08000000.
Settings for RAM size and continuation token are default, and seem to make sense.
Option bytes are, except for RDP level = 0xBB (level 1), identical to the defaults after mass erase.
SFI creation
SFI flashing
Complete log:
15:25:42 : STM32CubeProgrammer API v2.20.0 | Linux-64Bits
15:25:57 : UR connection mode is defined with the HWrst reset mode
15:25:57 : UR connection mode is defined with the SWrst reset mode
15:26:05 : UR connection mode is defined with the HWrst reset mode
15:26:05 : UR connection mode is defined with the SWrst reset mode
15:26:05 : 51022075
15:26:05 : Device=Cortex-M7
15:26:05 : Device ID : 0x450
15:26:05 : Voltage : 3,30V
15:26:06 : UPLOADING OPTION BYTES DATA ...
15:26:06 : Bank : 0x00
15:26:06 : Address : 0x5200201c
15:26:06 : Size : 308 Bytes
15:26:06 : UPLOADING ...
15:26:06 : Size : 1024 Bytes
15:26:06 : Address : 0x8000000
15:26:06 : Read progress:
15:26:06 : Data read successfully
15:26:06 : Time elapsed during the read operation is: 00:00:00.004
15:26:24 : SFI parsing file started ...
15:26:24 : SFI header information :
15:26:24 : SFI protocol version : 2
15:26:24 : SFI total number of areas : 5
15:26:24 : SFI image version : 0
15:26:24 : SFI Areas information :
15:26:24 : Parsing Area 1/5 :
15:26:24 : Area type : F
15:26:24 : Area size : 122816
15:26:24 : Area destination address : 0x8000000
15:26:24 : Parsing Area 2/5 :
15:26:24 : Area type : P
15:26:24 : Area size : 32
15:26:24 : Area destination address : 0x81FF000
15:26:24 : Parsing Area 3/5 :
15:26:24 : Area type : R
15:26:24 : Area size : 32
15:26:24 : Area destination address : 0x81FF000
15:26:24 : Parsing Area 4/5 :
15:26:24 : Area type : F
15:26:24 : Area size : 59776
15:26:24 : Area destination address : 0x801DFC0
15:26:24 : Parsing Area 5/5 :
15:26:24 : Area type : C
15:26:24 : Area size : 36
15:26:24 : Area destination address : 0x0
15:26:24 : Parsed File SUCCESS
15:26:39 : getProductID command execution finished
15:26:42 : Requesting Chip Certificate from device ...
15:26:42 : Get Certificate done successfully
15:26:42 : requesting license for the current STM32 device
15:26:42 : Init Communication ...
15:26:42 : P11 lib initialization Success!
15:26:42 : Opening session with slot ID 1...
15:26:42 : Succeed to Open session with reader slot ID 1
15:26:43 : Succeed to generate license for the current STM32 device
15:26:43 : Closing session with reader slot ID 1...
15:26:43 : Session closed with reader slot ID 1
15:26:43 : Closing communication with HSM...
15:26:43 : Communication closed with HSM
15:26:43 : Succeed to get License for Firmware from HSM slot ID 1
15:26:43 : Starting Firmware Install operation...
15:26:43 : Activating security...
15:26:43 : Warning: Option Byte: SECURITY, value: 0x1, was not modified.
15:26:43 : Warning: Option Bytes are unchanged, Data won't be downloaded
15:26:43 : Time elapsed during option Bytes configuration: 00:00:00.002
15:26:43 : Activating security Success
15:26:43 : Setting write mode to SFI
15:26:43 : Warning: Option Byte: BCM7, value: 0x1, was not modified.
15:26:43 : Warning: Option Byte: SECURITY, value: 0x1, was not modified.
15:26:43 : Warning: Option Byte: ST_RAM_SIZE, value: 0x3, was not modified.
15:26:43 : Warning: Option Bytes are unchanged, Data won't be downloaded
15:26:43 : Time elapsed during option Bytes configuration: 00:00:00.002
15:26:43 : Succeed to set write mode for SFI
15:26:43 : Starting SFI part 1
15:26:43 : Writing license to address 0x24020800
15:26:43 : Writing Img header to address 0x24021000
15:26:43 : Writing areas and areas wrapper...
15:26:43 : RSS process started...
15:26:53 : RSS command execution OK
15:26:53 : RSS complete Value = 0xCC000007
15:26:53 : Reconnecting...
15:26:54 : Device=Cortex-M7
15:26:54 : Device ID : 0x450
15:26:54 : Reconnected !
15:26:54 : Error: SECURITY State Fail
15:26:54 : Error: Invalid state after SFI install !
15:26:54 : Error: RSS internal system error or License is invalid !
15:26:54 : Aborting...
15:26:55 : Time elapsed during option Bytes configuration: 00:00:00.335
15:27:00 : Time elapsed during option Bytes configuration: 00:00:05.146
15:27:00 : Waiting 8s for end of regression...
15:27:00 : Display OB after Abort for sanity check
15:27:00 : OPTION BYTES BANK: 0
15:27:00 : Read Out Protection:
15:27:00 : RDP : 0xAA (Level 0, no protection)
15:27:00 : BOR Level:
15:27:00 : BOR_LEV : 0x3 (reset level is set to VBOR3)
15:27:00 : User Configuration:
15:27:00 : IWDG1_SW : 0x1 (Independent watchdog is controlled by software)
15:27:00 : NRST_STOP_D1 : 0x1 (STOP mode on Domain 1 is entering without reset)
15:27:00 : NRST_STBY_D1 : 0x1 (STANDBY mode on Domain 1 is entering without reset)
15:27:00 : FZ_IWDG_STOP : 0x1 (Independent watchdog is running in STOP mode)
15:27:00 : FZ_IWDG_SDBY : 0x1 (Independent watchdog is running in STANDBY mode)
15:27:00 : SECURITY : 0x1 (Security feature enabled)
15:27:00 : BCM7 : 0x1 (CM7 boot enabled)
15:27:00 : NRST_STOP_D2 : 0x1 (STOP mode on Domain 2 is entering without reset)
15:27:00 : NRST_STBY_D2 : 0x1 (STANDBY mode on Domain 2 is entering without reset)
15:27:00 : SWAP_BANK : 0x0 (after boot loading, no swap for user sectors)
15:27:00 : IO_HSLV : 0x0 (Product working in the full voltage range, I/O speed optimization at low-voltage disabled)
15:27:00 : Boot address Option Bytes:
15:27:00 : BOOT_CM7_ADD0: 0x800 (0x8000000)
15:27:00 : BOOT_CM7_ADD1: 0x1FF0 (0x1FF00000)
15:27:00 : PCROP Protection:
15:27:00 : PROT_AREA_START1: 0xFF (0x800FF00)
15:27:00 : PROT_AREA_END1: 0x0 (0x80000FF)
15:27:00 : DMEP1 : 0x0 (Flash Bank 1 PCROP zone is kept when RDP level regression (change from level 1 to 0) occurs)
15:27:00 : PROT_AREA_START2: 0xFF (0x810FF00)
15:27:00 : PROT_AREA_END2: 0x0 (0x81000FF)
15:27:00 : DMEP2 : 0x0 (Flash Bank 2 PCROP zone is kept when RDP level regression (change from level 1 to 0) occurs)
15:27:00 : Secure Protection:
15:27:00 : SEC_AREA_START1: 0xFF (0x800FF00)
15:27:00 : SEC_AREA_END1: 0x0 (0x80000FF)
15:27:00 : DMES1 : 0x0 (Flash Bank 1 secure area is kept when RDP level regression (change from level 1 to 0) occurs)
15:27:00 : SEC_AREA_START2: 0xFF (0x810FF00)
15:27:00 : SEC_AREA_END2: 0x0 (0x81000FF)
15:27:00 : DMES2 : 0x0 (Flash Bank 2 secure area is kept when RDP level regression (change from level 1 to 0) occurs)
15:27:00 : DTCM RAM Protection:
15:27:00 : ST_RAM_SIZE : 0x3 (16 KB)
15:27:00 : Write Protection:
15:27:00 : nWRP0 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP1 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP2 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP3 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP4 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP5 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP6 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP7 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP8 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP9 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP10 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP11 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP12 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP13 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP14 : 0x1 (Write protection not active on this sector)
15:27:00 : nWRP15 : 0x1 (Write protection not active on this sector)
15:27:00 : Abort SUCCESS
15:27:00 : Disconnected from device.
2025-11-11 7:18 AM
Hello @theHolgi,
The Segger driver attached to STM32CubeProgrammer does not have the capability to handle SFI properly as far as I know.
You can use either STLink or Segger Programmer.
Best regards
Jocelyn