STM32WW Wi-Fi® – WLAN Secure provisioning Project

Revision as of 09:55, 21 May 2024 by Registered User

Please understand this is a draft, thank you.


1. WLAN Secure provisioning Presentation

The security of a system primarily depends on the trusted information shared between the actors involved in the system. From an integrated circuit (IC) perspective, security is achieved by embedding secure elements inside the IC that cannot be updated or modified, so the information stored within the IC cannot be altered. One-time programmable (OTP) memory is a type of non-volatile memory commonly used in integrated circuits for secure applications, such as the Wi-Fi IC. OTP memory is programmed only once, and the data stored in it cannot be modified or erased, which makes it well suited to storing the sensitive and trusted information used for security purposes. Secure systems require two types of trusted data: confidential data and public data.

  1. Confidential data refers to sensitive information that needs to be kept secret.
  2. Public data refers to information that is meant to be shared with others, but still needs to be trusted because of its origin and integrity.

The Wi-Fi IC provides hardware-based protection for OTP memory access, controlled by the security life cycle. The life cycle regulates read and write access to the OTPs, ensuring that only trusted firmware can access them in closed mode. When the IC is open, only non-confidential OTPs are accessible, so the sensitive information stored in the confidential OTPs cannot be accessed by unauthorized parties.
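The access rule and the write-once behaviour described above, as an added sketch in C that is not ST code and not the IC's register interface. The type and function names, the four-word bank, and the reading that closed mode gives trusted firmware access to every OTP word are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define OTP_WORDS 4  /* constructed bank size, for illustration only */

enum lifecycle { LC_OPEN, LC_CLOSED };
enum otp_status { OTP_OK = 0, OTP_DENIED = -1,
                  OTP_ALREADY_PROGRAMMED = -2, OTP_BAD_INDEX = -3 };

struct otp_word {
    uint32_t value;
    bool confidential;  /* fixed classification of the word */
    bool programmed;    /* set by the single permitted write */
};

struct otp_bank {
    enum lifecycle lc;
    struct otp_word words[OTP_WORDS];
};

/* Policy as read from the text (assumption): open -> only non-confidential
 * words are reachable; closed -> only trusted firmware, for every word. */
static bool otp_access_allowed(const struct otp_bank *b,
                               const struct otp_word *w, bool trusted_fw)
{
    return (b->lc == LC_OPEN) ? !w->confidential : trusted_fw;
}

int otp_read(const struct otp_bank *b, size_t idx, bool trusted_fw, uint32_t *out)
{
    if (idx >= OTP_WORDS) return OTP_BAD_INDEX;
    if (!otp_access_allowed(b, &b->words[idx], trusted_fw)) return OTP_DENIED;
    *out = b->words[idx].value;
    return OTP_OK;
}

int otp_write(struct otp_bank *b, size_t idx, bool trusted_fw, uint32_t value)
{
    if (idx >= OTP_WORDS) return OTP_BAD_INDEX;
    struct otp_word *w = &b->words[idx];
    /* Access is checked first so a denied caller learns nothing about
     * whether the word has already been programmed. */
    if (!otp_access_allowed(b, w, trusted_fw)) return OTP_DENIED;
    if (w->programmed) return OTP_ALREADY_PROGRAMMED;  /* one-time only */
    w->value = value;
    w->programmed = true;
    return OTP_OK;
}
```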

The provisioning is executed in two steps according to the origin of the secrets. The secrets delivered by ST are provisioned during the ST test engineering phase, and the secrets provided by the customer are provisioned at the EOM facility when the companion Wi-Fi IC is connected to its host for the first time.

[Figure: Wi-Fi secure provisioning]

2. ST secure provisioning

The Bootstrap is a dedicated firmware, authenticated by the BootROM, that is responsible for the ST provisioning process. The Typhon should be closed before loading the Bootstrap. The Bootstrap is loaded into the Typhon's SRAM1 through the SDIO interface. It is built from four distinct parts:

  1. The first part is the bootstrap header, which contains versioning, size, target identifier, and information for decryption and authentication, such as the initial vector and the AES-GCM tag.
  2. The second part contains the code that is responsible for writing the secret to the OTP and authenticating the final part.
  3. The third part is also authenticated by the BootROM and contains all the secrets generated by the ST central service and shared among all the STM32Wx4 ICs.
  4. The last part is authenticated by the code in the second part and contains all the secrets specific to each STM32Wx4 IC.

3. EOM provisioning

The EOM provisioning relies mainly on the MDG cube programmer tools. The MDG cube programmer tool is connected to the STM32WW4 host board. The host board shall be initialized with the CLU bridge firmware, which is used to read and write OTPs in the Wi-Fi companion IC.

[Figure: EOM provisioning]