Secure Manager for STM32H5

Revision as of 21:13, 31 July 2023 by Registered User (→‎Introduction)
This message will disappear after all relevant tasks have been resolved.
Semantic MediaWiki
There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.

1. Introduction

STM32H5 MCUs are equipped with new security features, such as product life cycle, isolation, debug authentication, secure storage, and secure boot.
Solid security skills are required to individually use these blocks.

STMicroelectronics offers a full solution to use these security features, owned and maintained by STMicroelectronics, which is SESIP 3 and PSA certification ready.

2. Secure Manager overview

The Secure Manager is a software component encrypted, signed and delivered by STMicroelectronics aiming at simplifying the security development cycle of embedded applications. Secure Manager provides ready to use security services developed according to best practices.

The Secure Manager is targeting a certification based on PSA level 3 and SESIP3.

Main features are:

  • Arm PSA standard and API compliancy
  • Arm PSA services
    • Secure Boot
    • Cryptography
    • Internal trusted storage
    • Initial attestation
    • Firmware Update
  • Multiple-tenant software IP protection
    • Sandboxed secure services (PSA isolation level 3)
  • Security certified (target)
    • PSA Certified L3
    • GlobalPlatform SESIP3

For more details about Secure Manager please see Secure Manager wiki article.

3. Secure Manager package ecosystem

The Secure Manager package is delivered with an ecosystem used to handle its life cycle.

This ecosystem is composed of:

  • The Secure Manager access kit (SMAK): used to develop NS applications using Secure Manager services.
  • The secure module development kit (SMDK): used to develop secure modules and associated APIs to access these modules from NS applications.

4. To go further

For details on SMAK, please see SMAK for STM32H5.
For details on SMDK, please see SMDK for STM32H5.
For details on Secure Manager manufacturing, please see SFI for STM32H5.

5. Getting started with Secure Manager

Refer to these following pages for an example on getting started with Secure Manager for STM32H5 MCUs

Secure Manager STM32H5 How to Intro : Brief summary of Secure Manager mechanism to make the How to start article

How to start with Secure Manager on STM32H573 Step by step lab to practice


Retrieved from "https://wiki.st.com/stm32mcu/index.php?title=Security:Secure_Manager_for_STM32H5&oldid=37735"