STiRoT for STM32H7S

Revision as of 14:24, 19 October 2023 by Registered User

STiRoT stands for ST Immutable (unchangeable) Root of Trust. It is ROM code developed by STMicroelectronics that targets a SESIP level 3 certified implementation. Because STiRoT requires hardware cryptographic features, it is only available on the STM32H7Sxx product lines.

A detailed description of STiRoT is provided in ANXXXX.

1. STiRoT services

The STiRoT provides two services.

  • The Secure Boot (root of trust services) is immutable code that is always executed after a system reset. It activates runtime protections, then verifies the authenticity and integrity of the application code before every execution.
  • The Secure Firmware Update application is immutable code that detects when a new firmware image is available. It checks the image's authenticity, then checks the integrity of the code before installing the decrypted image.

2. STiRoT activation

STiRoT is activated in two different use cases:

  • One boot stage: The STiRoT integrated inside the STM32H7Sxx directly manages the user application.

  • Two boot stages: The STiRoT integrated inside the STM32H7Sxx manages an updatable boot stage (OEMuRoT) located in the external flash memory; this boot stage in turn manages the user application. The updatable boot stage can be customized to fit customer needs.

In both cases, STiRoT never accesses the external flash memory. It relies on iLoader to copy the user application or the OEMuRoT from external flash memory to internal RAM.

Refer to ANXXXX for full details on the STiRoT activation use cases. An example of a one-boot-stage configuration is provided in the How_to_start_with_STiRoT_on_STM32H7S article.

3. STiRoT provisioning

Provisioning the product to activate and configure STiRoT follows these four steps:

1. Generation of the iLoader binary.
2. Configuration of the STiRoT. At this stage, the location of the image and the cryptographic keys are defined.
3. Generation of the code image.
4. Programming of the OBKeys, the option bytes, the iLoader and the image in the device.

Note: A set of scripts is provided in the STM32CubeH7RS MCU package (Firmware/Projects/Board/ROT_Provisioning/STiROT folder). It guides the user through the provisioning process. Refer to [4] for more information.

Refer to ANXXXX for full details on the STiRoT provisioning process, including OBKeys configuration files and image generation.