How to start with DA access on STM32H503 (45 min)
Target description
This tutorial shows how to provision an STM32H503 device and then perform a full regression. The provisioning process goes through 3 steps:
- Initial Option Bytes programming
- Code image generation and flashing
- Password provisioning
The last step shows a full regression.
Prerequisites
- knowledge of STM32CubeProgrammer
- knowledge of JTAG / SWD interface
Hardware
- Nucleo MB1814 with STM32H503
Required tools
- STM32CubeProgrammer[1] Software programming tool for STM32 (v2.13.0 min)
- Including STM32TrustedPackageCreator
- STM32Cube_FW_H5_V1.0.0 or later
- IAR Embedded Workbench v9.20.1
- Tera Term or equivalent terminal emulator
Literature
- UM2237 STM32CubeProgrammer software description
- UM2238 STM32 Trusted Package Creator tool software description
- AN5054 Secure programming using STM32CubeProgrammer
- AN2606 STM32 microcontroller system memory boot mode
Environment setup
Before starting, the first step is to prepare the environment to be able to go through the DA process.
- Download the STM32CubeFW_H5 Cube firmware
A directory NUCLEO-H503RB is included in the Projects directory
- STM32CubeProgrammer default folder is : C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer
If STM32CubeProgrammer has not been installed in the default folder, update the installation paths in the following script: NUCLEO-H503RB\ROT_Provisioning\env.bat
:: ==============================================================================
:: General
:: ==============================================================================
:: Configure tools installation path
set stm32programmercli="C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe"
set stm32tpccli="C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32TrustedPackageCreator_CLI.exe"
1. Initial Option Bytes programming
A “provisioning” script is provided in STM32Cube_FW_H5. This script will:
- Set the option bytes of the device
- Set a password to the board
- Set the final product state chosen by the user
In order to program the Option Bytes you need to
- Connect the board
- Run the provided provisioning.bat script (double click)
- The script will proceed with the option byte programming
- Remove all protections
- Erase User Flash
2. Code image generation and flashing
Once the Option Bytes have been programmed successfully, the script asks you to flash your application.
For this example we will use GPIO_IOToggle application located in :
Projects\NUCLEO-H503RB\Examples\GPIO\GPIO_IOToggle\EWARM
- Open the Project.eww located in the EWARM directory: Projects\NUCLEO-H503RB\Examples\GPIO\GPIO_IOToggle\EWARM
- Perform Project --> Rebuild all
- Once the project has built correctly, select Project --> Download --> Download active application to flash the code
- Reset the board (black button); the green LED must now blink
3. Password provisioning and final product state setting
3.1. Password not yet provisioned
- Go back to the provisioning script window and press a key to continue the procedure
- The script asks if the password is already provisioned.
Before answering "No", you can update the default password in the user_password.bin file.
- user_password.bin: where you define the password (12 bytes) that will be provisioned
- Board_password.bin: hash of the user password, which will be provisioned in the chip
- Password.bin: output file used to open the DA access for regression
The provisioning script automatically updates Board_password.bin and Password.bin from the new password saved in user_password.bin.
You can also continue the script without updating the default password. Answer “No” to continue.
- Follow the script and choose the product state (PROVISIONED , CLOSED or LOCKED)
Before setting the product state to CLOSED or LOCKED, it is advised to set the PROVISIONED state first and try out the regression. Then redo the complete provisioning step by step from the beginning, and only then set one of the more closed states.
Make a first trial setting the product in the PROVISIONED state:
--> the installed code must run and the LED must blink
Ignore the next paragraph (3.2) and jump directly to step 4: Full regression
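A pre-flight check for the password files described in 3.1, as an added example that is not part of the original tutorial or of ST's scripts. It assumes user_password.bin holds the raw password bytes, takes the file names as written on this page, and uses a hypothetical key_dir argument for the folder that contains them; the timestamp comparison is a heuristic.

```python
import os
import secrets
import sys
from pathlib import Path

PASSWORD_LEN = 12                    # length this page gives for user_password.bin
USER_FILE = "user_password.bin"      # file names as written on this page
DERIVED_FILES = ("Board_password.bin", "Password.bin")

def write_random_password(key_dir):
    """Replace the default password with PASSWORD_LEN bytes from the OS CSPRNG.

    Assumption: user_password.bin is the raw password with no header.
    """
    target = Path(key_dir) / USER_FILE
    password = secrets.token_bytes(PASSWORD_LEN)
    tmp = target.with_name(target.name + ".tmp")
    tmp.write_bytes(password)
    os.replace(tmp, target)          # atomic swap: no half-written password file
    return password

def preflight(key_dir):
    """Return the problems to fix before choosing CLOSED or LOCKED."""
    key_dir = Path(key_dir)
    user = key_dir / USER_FILE
    if not user.is_file():
        return [f"{USER_FILE} is missing"]
    problems = []
    data = user.read_bytes()
    if len(data) != PASSWORD_LEN:
        problems.append(f"{USER_FILE} is {len(data)} bytes, expected {PASSWORD_LEN}")
    if len(set(data)) < 4:
        problems.append(f"{USER_FILE} looks like a placeholder (few distinct bytes)")
    for name in DERIVED_FILES:
        derived = key_dir / name
        if not derived.is_file():
            problems.append(f"{name} is missing: run the provisioning script")
        elif derived.stat().st_mtime_ns < user.stat().st_mtime_ns:
            # Heuristic: the script rewrites these files from user_password.bin,
            # so an older timestamp means they still match the previous password.
            problems.append(f"{name} is older than {USER_FILE}: regenerate it")
    return problems

if __name__ == "__main__":
    for line in preflight(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("PROBLEM:", line)
```

Archive Password.bin once the check passes: section 4 uses it to open the DA access, so the copy on disk must match the password provisioned in the device.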
3.2. Password already provisioned
- Go back to the provisioning script window and press a key to continue the procedure.
- The script asks if the password is already provisioned.
Answer "Yes" to continue
- Follow the script and choose the product state (PROVISIONED , CLOSED or LOCKED)
Before setting the product state to CLOSED or LOCKED, it is advised to set the PROVISIONED state first and try out the regression. Then redo the complete provisioning step by step from the beginning, and only then set one of the more closed states.
Make a first trial setting the product in the PROVISIONED state:
--> the installed code must run and the LED must blink
Complete the tutorial till the end.
4. Full regression
- A full regression will erase the user stored contents.
- Erase the user flash content
- Set the product in open state
- If the product is in Open state, a full regression is not needed since the device is not secured and changes can be done without any authentication.
If the regression script is executed in this case, it will report errors.
- If the product is not in Open state, the only way to change the product state is to first do a full regression
4.1. Full regression using the provided script
The regression can be done using the provided script or using CubeProgrammer (see 4.2)
To perform a full regression
- Launch the regression.bat script located in ROT_Provisioning\DA
- If the regression has succeeded the following message should be displayed
Connect STM32CubeProgrammer and check that the flash content has been erased and that the option bytes and product state are at their default values.
4.2. Full regression using STM32CubeProgrammer
- Disconnect the CubeProgrammer, remove/plug the USB cable
- Redo the exercise starting at step1, set the “CLOSED” state
- Select in CubeProgrammer and select “Debug Authentication”
- Click “Discover”; the information window will be filled
- Enter the password.bin file
- Click Full regression
- Check with CubeProgrammer that the flash content has been erased and that the product state and option bytes are at their default values
Note: You can redo the exercise starting at step 1 and set PROVISIONED as the final product state. The regression process is the same.