Showing results for 
Search instead for 
Did you mean: 

Getting started with STM32U5 IoT discovery kit and AWS

This article demonstrates how to integrate modular AWS FreeRTOS™ software with hardware enforced security to help secure updatable cloud connected applications. The project is preconfigured to run on the STM32U585 IoT discovery Kit and connect to AWS. This article will focus on the steps to run the Non-TrustZone version of the project in Windows OS.

The STM32U5 IoT discovery kit is equipped with a Wi-Fi and Bluetooth module, microphones, a temperature and humidity sensor, a magnetometer, an accelerometer, and gyroscope, a pressure sensor, as well as Time-of-Flight (ToF) and gesture-detection sensors.

The board also comes with 512-Mbit octal-SPI flash memory, 64-Mbit octal-SPI PSRAM, 256-Kbit I²C EEPROM, as well as ARDUINO Uno V3, STMOD+, and Pmod expansion connectors, plus an expansion connector for a camera module, and STLink-V3E embedded debugger.

The associated project folder consists of a Non-TrustZone version(b_u585i_iot02a_ntz) of the project and TF-M enabled version(b_u585i_iot02a_tfm) of the project. The following article contains instructions on getting the nonsecure(b_u585i_iot02a_ntz) version of the project up and running in a windows environment. For getting it running in Mac/Linux, refer to the following-
It connects to AWS Core and publishes data.  It shows the steps to connect the STM32U585 IoT discovery kit to the IoT core. The demo connects to AWS IoT using the WiFi module. It then uses the coreMQTT-Agent library to enable multiple concurrent tasks to share a single MQTT connection. These tasks publish sensor data, and demonstrate use of the Device Shadow and Device Defender AWS IoT services.
Article part 2 How to do an OTA update with STM32U5 and AWS?

Hardware description

B-U585I-IOT02A - Discovery kit for IoT node with STM32U5 series - STMicroelectronics

User provided items

A USB micro-B cable

Clone the repository and submodules

Using your favorite unix-like console application, run the following commands to clone and initialize the git repository and its submodules. In Microsoft Windows, path length limitations may apply so it is recommended to clone the repository to the root of a drive to minimize the path length of each file.

git clone --recurse-submodules

Set up your development environment.

Download and install STM32CubeIDE version 1.9.0.
Download and install the latest version of Python. During the installation process for Python, make sure to tick the boxes to install pip and add Python to path.
To install Python libraries using pip, navigate to the repository (C:\iot-reference-stm32u5\tools) and type:

pip install -r requirements.txt

The above command installs the following packages-boto3, requests,pyserial,cryptography, and black etc. required for the build.

Install AWS CLI.

Create an IAM user.


aws configure

On a command prompt terminal. Fill in the AWS Access Key ID, AWS Secret Access Key, Default output format and region as show below:


Optional: A serial terminal like Tera Term

Set up your hardware


Connect the STLINK USB port (USB STLK / CN8) to the PC with USB cable. The USB STLK port is located to the right of the MXCHIP module in the above figure. It is used for power supply, programming the application in flash memory, and interacting with the application with virtual serial COM port.

Importing the projects into STM32CubeIDE and building the project

The b_u585i_iot02a_ntz project does not use the TrustZone® capabilities of the U5 board. With the project cloned on the C drive, open STM32CubeIDE. When prompted with setting workspace, click on Browse and navigate to C:\iot-reference-stm32u5 as shown below:


Note: If the prompt does not come up, look at the Troubleshooting section of this document at the end.

Under Project Explorer, click on Import projects.


In the pop–up tab, click on Existing projects into workspace:


Hit Next. The following prompt pops up:


Click on Browse above and navigate to the root of the project. Click on Finish.


This is how the workspace with the imported project looks like:


Build the b_u585i_iot02a_ntz project.

Flash the binary by clicking on Run->Run. Make sure that the board is plugged in to flash the project to the board.
Note: In case you face issues errors flashing the binary using the above steps, you can navigate to C:\iot-reference-stm32u5\Projects\b_u585i_iot02a_ntz\Debug and flash the .bin file.

Running the demo

With the firmware flashed to the board, open a command prompt, and navigate to the root of the project(lab-iot-reference-stm32u5). Type:

python tools/ -i -v

To know more about the above command, visit the Troubleshooting section at the end of the document.

The script prompts you to enter the following details. You only need to update wifi_ssid, wifi_credential, mqtt_endpoint and thing name.

time_hwm[]: <Click enter>
wifi_credential[]: <your wifi password>
mqtt_endpoint[]: <a1qwhobjt*****>
wifi_ssid[]: <your wifi ssid>
mqtt_port[]: <Click enter>
thing_name[]: <stm32u5>


The script does all the certificate and key provisioning by itself. It will also create a thing with the thing name you entered in the terminal, query your aws account for the correct mqtt endpoint, communicate with AWS, download the certificate and key, and save them to your device.

The end of the script looks somewhat like this:


Optional: Open a serial terminal like Tera Term. Connect to the board and set the baud rate to 115200. Reset the board by clicking on the black reset button on the board to observe activity on Tera Term.

Observing activity on AWS

Log in to with the IAM user created before. On the AWS management console, click on Iot Core. Under Things shown below, click on the name of the thing you entered in the terminal prompt (in this case, STM32U5).


Under Activity, click on MQTT Test Client.

Set the topic filter to # and hit Subscribe. Reset the board and observe activity on AWS. This allows all topics to come through.


Here is an example of the sensor data coming through:



  1. Upon opening STM32CubeIDE, if the prompt to set the directory does not come up, Click on File->Switch Workspace->Other, and set the workspace as shown below:


2. For the command to run the script as mentioned in the document:

python tools/ -i –v

Note that here are the additional arguments for reference:

-h, --help
-i, --interactive
-v, --verbose
-d DEVICE, --device DEVICE
--wifi-ssid WIFI_SSID
--wifi-credential WIFI_CREDENTIAL
--thing-name THING_NAME
--aws-profile AWS_PROFILE
--aws-region AWS_REGION
--aws-access-key-id AWS_ACCESS_KEY_ID
--aws-access-key-secret AWS_ACCESS_KEY_SECRET
Version history
Last update:
‎2022-06-02 02:55 AM