Posted on 2020-06-15 06:13 AM, edited on 2025-01-15 01:28 AM by Laurids_PETERSE
The STM32MPU platform and OpenSTLinux provide elementary security features that help customers build the overall security level their application requires.
This FAQ is an overview of these elementary security features, which are presented in detail in the following ST MPU wiki article: https://wiki.st.com/stm32mpu/wiki/Security_overview
The trusted boot chain ensures the integrity and authenticity of the first-stage boot loader (TF-A firmware), the second-stage boot loader (U-Boot firmware) and OP-TEE.
The STM32MPU ROM code authenticates the signed TF-A binary. The TF-A binary carries a header containing the ECDSA public key and a signature over the image; the ROM code first checks that this public key matches the hash of the ECDSA public key stored in the STM32MPU one-time programmable (OTP) area (the OTP holds the key hash, not the key itself), then verifies the signature. Secure boot therefore prevents the ROM code from booting when the TF-A binary in flash has been replaced by a tampered one. ROM secure boot is the first pillar of the chain of trust of the trusted boot chain.
Once TF-A is authenticated, the ROM code starts it. TF-A is the second pillar of the trusted boot chain: it in turn authenticates the second-stage boot loader (U-Boot) and the OP-TEE binary, based on an X.509 PKI.
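The two checks the ROM code performs in the first pillar, modelled here with the openssl command-line tool. This is an added example, not ST's ROM code, KeyGen or signing tool: the OTP is a plain file, the "header" is two separate files, the public key hash is taken over the PEM file rather than the raw key, and the TF-A image is a constructed placeholder. It also shows what pinning the key hash in OTP buys: an attacker who re-signs a modified image with their own key is rejected by the first check even though their signature is perfectly valid.

```shell
#!/bin/sh
# Added example (not ST's ROM code or signing tool): a model of the STM32MPU
# ROM-code authentication of TF-A using openssl. The OEM holds an ECDSA P-256
# private key; SHA-256 of the matching public key is "burnt" into OTP (a file
# here). Every image carries its public key and a signature. The ROM trusts
# the key only if its hash matches OTP, and the image only if the signature
# verifies under that key.
set -eu

# provision DIR: generate the OEM key pair and burn the public key hash to OTP.
provision() {
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/oem.key" 2>/dev/null
    openssl ec -in "$1/oem.key" -pubout -out "$1/oem.pub" 2>/dev/null
    # Real silicon hashes the raw key material; hashing the PEM file is
    # enough for the model (assumption, simplified header layout).
    openssl dgst -sha256 -binary "$1/oem.pub" > "$1/otp_pkh.bin"
}

# sign_image KEY PUB IMAGE OUTDIR: the signing-tool step. Emits the image,
# the public key to embed in the header, and an ECDSA signature over the image.
sign_image() {
    mkdir -p "$4"
    cp "$3" "$4/image.bin"
    cp "$2" "$4/header.pub"
    openssl dgst -sha256 -sign "$1" -out "$4/header.sig" "$4/image.bin"
}

# rom_verify SIGNED_DIR OTP_FILE: the two ROM-code checks, in order.
# Prints a verdict; returns 1 on key mismatch, 2 on bad signature, 0 on accept.
rom_verify() {
    pkh_otp=$(od -An -tx1 "$2" | tr -d ' \n')
    pkh_hdr=$(openssl dgst -sha256 -binary "$1/header.pub" | od -An -tx1 | tr -d ' \n')
    if [ "$pkh_hdr" != "$pkh_otp" ]; then
        echo "REJECT: header public key does not match the hash in OTP"
        return 1
    fi
    if ! openssl dgst -sha256 -verify "$1/header.pub" -signature "$1/header.sig" \
            "$1/image.bin" >/dev/null 2>&1; then
        echo "REJECT: signature does not cover this image"
        return 2
    fi
    echo "ACCEPT: TF-A authenticated, ROM code jumps to it"
}

# run_demo: genuine image, tampered image, and an attacker's re-signed image.
# Prints the three ROM return codes on one line ("0 2 1").
run_demo() {
    d=$(mktemp -d)
    provision "$d"
    printf 'TF-A BL2 (constructed stand-in for the real binary)\n' > "$d/tfa.bin"
    sign_image "$d/oem.key" "$d/oem.pub" "$d/tfa.bin" "$d/genuine"
    r1=0; rom_verify "$d/genuine" "$d/otp_pkh.bin" >/dev/null || r1=$?

    # Tampered: one byte changed in flash, OEM signature left in place.
    cp -r "$d/genuine" "$d/tampered"
    printf 'X' | dd of="$d/tampered/image.bin" bs=1 seek=3 conv=notrunc 2>/dev/null
    r2=0; rom_verify "$d/tampered" "$d/otp_pkh.bin" >/dev/null || r2=$?

    # Re-signed: attacker signs the modified image with their own key and
    # swaps the header key. Signature is valid, but the key is not the OEM's.
    openssl ecparam -name prime256v1 -genkey -noout -out "$d/evil.key" 2>/dev/null
    openssl ec -in "$d/evil.key" -pubout -out "$d/evil.pub" 2>/dev/null
    sign_image "$d/evil.key" "$d/evil.pub" "$d/tampered/image.bin" "$d/resigned"
    r3=0; rom_verify "$d/resigned" "$d/otp_pkh.bin" >/dev/null || r3=$?

    rm -rf "$d"
    echo "$r1 $r2 $r3"
}

run_demo
```

The order of the two checks is the point: a valid signature means nothing until the key that produced it has been tied back to the hash in OTP, which is the only part of the chain the device itself carries from the factory.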
STM32MP13 and STM32MP2 have enhanced security: a user can store up to 8 ECDSA public keys, and keys can be revoked. TF-A can also be decrypted by the ROM code when it is loaded. The crypto peripherals are hardened against side-channel attacks (SCA), and the boot chain is pre-certified for SESIP Level 3 and PCI6.
OP-TEE (Open Portable Trusted Execution Environment) allows trusted applications (TAs) to run in the Cortex®-A secure hardware execution context. The OP-TEE binary is authenticated by TF-A before execution; TAs are signed and verified by OP-TEE itself when they are loaded.
Authentication of Cortex®-M firmware (M4 or M33) is implemented with a dedicated OP-TEE trusted application. The authentications performed by TF-A described above use, by default, the same ECDSA key as the one used for TF-A authentication.
The standard U-Boot FIT image (Linux kernel + device tree + initramfs) signature verification and FIT image decryption are not enabled by default in OpenSTLinux releases; they can be enabled depending on the needs.
Secure firmware update, which allows the U-Boot and OP-TEE binaries to be updated under TF-A authentication, is implemented in OpenSTLinux.
A signing tool to sign the TF-A binaries with the key generated by KeyGen is available in the STM32MPU ecosystem.
The keys can be protected inside a Hardware Security Module (HSM) card so that the private keys can be shared with the manufacturing plant without exposing them. From the HSM, the keys can be provisioned into the STM32MP1 OTP using the ST secure secret provisioning (SSP) tools.
STM32MPU offers hardware isolation. Access by Cortex®-A code, Cortex®-M code (STM32MP15, STM32MP2) and DMA to the STM32MPU peripherals and memories is controlled according to the hardware execution context.
The secure boot chain configures the hardware firewalling that assigns each peripheral and memory region to one hardware execution context. Hardware isolation allows part of the system to be protected against undesired CPU or DMA accesses (bug or malicious). Isolation also supports SIL3 safety certification.
The STM32MP15 SoC flash and DDR interfaces do not support on-the-fly decryption of the flash or DDR DRAM contents, so automatic on-the-fly decryption of encrypted memories is not possible on this device.
However, a binary located in external memory can always be decrypted "manually" in software or with the STM32MP15 crypto peripherals before it is used.
STM32MP13 supports on-the-fly decryption, which allows OP-TEE to run in encrypted DRAM.
The ST33 Trusted Platform Module (TPM) chip services (key storage, authentication checks and encryption) are available through the standard Linux framework.
The SAES peripheral contains a secret hardware unique key (HUK) that can be used to wrap keys stored in flash memory. This enables rootfs encryption with Linux dm-crypt, where the dm-crypt key is stored wrapped by SAES under the HUK. A rootfs encryption example with a wrapped key (as a Yocto layer) can be requested from ST via Online Support.
For these advanced features, or for more advanced services running in the secure execution context, such as secure firmware update (update in the secure environment), trusted applications, SVN and virtualization, STMicroelectronics strongly recommends contacting third-party companies. For more details, see the ST Partner Program.
The primary documentation for the security aspects of STM32MP1 is located on the ST wiki. See below for a list of related articles.