2026-04-28 11:38 PM
Greetings,
We're developing our product on our MYIR MYC-LD25X SoM based on the STM32MP257DAK3 MPU with 8GB eMMC non-volatile storage.
As per our design requirements, I am required to enforce the STM32 MCU equivalent of CRP Level 1 or 2 on our non-volatile storage, so that once we have flashed the eMMC with our program, its content can only be read/written by the program flashed onto the eMMC and not by JTAG, SWD, etc.
Using an eMMC chip that provides these protections might be an option, but is it at least possible to enforce write protection using the MPU itself? For example, the MPU could have a small program running which could then verify whether the contents of the eMMC had been tampered with?
Regards,
Aditya M.
2026-04-29 2:49 AM
Hi @aditya_m
please look into https://wiki.st.com/stm32mpu/wiki/Security_overview.
I'm not an expert in security, but there are many HW and SW mechanisms available, depending on how far you want to go into security certification and cyberattack resilience (JTAG lock, encryption, secure boot, RIF, etc.).
Beware that protecting external Flash on STM32MP products is very different from protecting the embedded Flash inside STM32 MCUs.
Regards.
2026-05-01 6:20 AM
Hi @PatrickF,
After some discussion, we've established that secure boot is the way to go. We just want to ensure third-party software cannot be run on our platform, and secure boot helps with just that.
I just had one question. Once control is passed from TF-A to "BL33", or an SSBL like U-Boot, does TF-A verify whether U-Boot has been tampered with?
From the documentation I could only find that the FSBL (i.e. TF-A) is verified by the ROM code, but I couldn't find whether U-Boot is verified by TF-A.
Regards.