
STM32F407 custom bootloader with encryption support

Question asked by mogg on Mar 11, 2015
Latest reply on Mar 13, 2015 by mogg

    I am trying to develop a product with the STM32F407 processor that must be firmware upgradeable in the field. The problem that I am thinking of is that somebody could easily make the same hw design of the board as mine, copy my code image and put it on his board and have a system identical to mine up and running. So how can I protect myself from this, while still having the firmware upgrade option implemented in my product, in order to be able to deliver new features and bug fixes?
    The one solution that I am thinking of is the following:
        - having a second stage bootloader burned in each STM32F4 that I deliver which:
            - when in 'boot mode', receives over serial interface an encrypted application image and writes it into Flash as it is. The image is unique for each product, being encrypted with a key derived from the STM32F4 unique ID
            - when in 'app mode', decrypts the application residing on flash using the key based on the processor unique ID and puts the decrypted image in the CCM (core coupled memory). Then it executes the application from the CCM
    Pluses of this solution: the application image in clear resides only in CCM which makes the process of copying it a bit more difficult (in my opinion).
    Minuses: I have to deliver one image per every product, because the image has to be encrypted with a key derived from each processor's unique ID.
    Can you please point me eventually to other solutions to my problem, maybe some that don't need separate images for each system? It would be much easier for me to deliver one single image every time I need to release a new version of software, instead of compiling and delivering one image per every system I have in the field.
    Also, can you please let me know if the solution I have in mind would work or maybe I missed something?
    Thank you
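
The per-device packaging described in the question, as an added example that is not part of the original post: the host builds one package per unique ID, and the bootloader side refuses a package built for a different ID. Assumptions, none of which come from the post: the key is derived from the 96-bit unique ID together with a vendor secret (`MASTER_SECRET`) held in the read-protected bootloader, because the unique ID itself is readable on the device; an HMAC-SHA256 keystream stands in for AES-CTR so the block runs with the standard library only; an authentication tag is added; all function names and sample values are hypothetical.

```python
import hashlib
import hmac
import os

# Assumption: a vendor secret also stored in the read-protected bootloader.
# The UID alone is readable on the device, so it cannot be the whole key.
MASTER_SECRET = bytes(range(32))  # constructed sample value

def derive_keys(uid: bytes) -> tuple[bytes, bytes]:
    """Derive per-device encryption and MAC keys from the 96-bit unique ID."""
    if len(uid) != 12:
        raise ValueError("STM32F4 unique ID is 96 bits (12 bytes)")
    enc = hmac.new(MASTER_SECRET, b"enc" + uid, hashlib.sha256).digest()
    mac = hmac.new(MASTER_SECRET, b"mac" + uid, hashlib.sha256).digest()
    return enc, mac

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES-CTR: HMAC-SHA256(key, nonce || counter) as keystream."""
    out = bytearray()
    for block in range(0, len(data), 32):
        ctr = (block // 32).to_bytes(4, "big")
        pad = hmac.new(key, nonce + ctr, hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

def package_image(uid: bytes, image: bytes) -> bytes:
    """Host side: build nonce || ciphertext || tag for one specific device."""
    enc, mac = derive_keys(uid)
    nonce = os.urandom(12)
    body = nonce + keystream_xor(enc, nonce, image)
    return body + hmac.new(mac, body, hashlib.sha256).digest()

def unpack_image(uid: bytes, package: bytes) -> bytes:
    """Bootloader side: verify the tag before decrypting anything."""
    enc, mac = derive_keys(uid)
    if len(package) < 12 + 32:
        raise ValueError("package too short")
    body, tag = package[:-32], package[-32:]
    expected = hmac.new(mac, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("image was not packaged for this device")
    return keystream_xor(enc, body[:12], body[12:])

# Constructed sample data: two device UIDs and a dummy firmware image.
UID_A = bytes.fromhex("0011223344556677889900aa")
UID_B = bytes.fromhex("0011223344556677889900ab")
FIRMWARE = b"\x00\x04\x00\x20" + b"application code " * 8
```

Unpacking a package built for `UID_A` with `UID_B` raises `ValueError`, which is what makes a copied flash image useless on a cloned board as long as `MASTER_SECRET` cannot be read out of the bootloader. It also shows the cost named in the question: `package_image` has to be run once per device.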