Revision as of 13:40, 19 January 2024 by Registered User
This message will disappear after all relevant tasks have been resolved.
Semantic MediaWiki
There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.1. Introduction
Theoretical introduction article is available here.
The example solution is provided with the STM32CubeU0 package and consists of 2 parts:
- Firmware/Projects/NUCLEO-U083RC/Application/ROT/OEMiSB_Boot
- Firmware/Projects/NUCLEO-U083RC/ Application /OEMiSB_Appli (a simple Toggle LED application.)
2. Prerequisites
- Hardware
- STM32U083 Nucleo board: the STM32U083 devices have all the available security features, including the HW crypto accelerator (the HW cryptographic acceleration is not supported for STM32U07x devices).
- USB-C cable
- STM32U083 Nucleo board: the STM32U083 devices have all the available security features, including the HW crypto accelerator (the HW cryptographic acceleration is not supported for STM32U07x devices).
- Required tools
- STM32Cube_FW_U0_V1.0.0 or later
- STM32CubeProgrammer_rev2.16.0 or more recent.
- IAR Embedded Workbench® rev 9.40.1 or later.
- Tera Term / Putty or equivalent terminal emulator.
- STM32Cube Firmware
- Download the STM32Cube_FW_U0 Cube firmware (advise is to place it close form the C: in order to avoid long paths)
- A directory NUCLEO-U083RC is included in "STM32Cube_FW_U0_V1.x.x\Projects"
- Open the env.bat file in ROT_Provisioning sub-folder
- 1- If the STM32CubeProgrammer has not been installed in the default folder:
- 1- If the STM32CubeProgrammer has not been installed in the default folder:
C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer, the customized installation path needs to be updated.
- 2- Check that the OEMiRoT_Appli path is OK
3. Using the example
To ease the example generation and loading, a script is provided in the STM32Cube package. The script called “provisioning” is available in \Projects\NUCLEO-U083RC\ROT_Provisioning\OEMiSB.
The script execution is following steps:
1. Configuration management
- RDP selection
- 0: In this case the development mode is enabled
- 1: Production mode is enabled, and debug is possible
- 2: Production mode is enabled, and debug is not possible
- Data size selection
- RDP selection
2. Image generation
- Compilation of the application and generating binary file.
- Editing boot header files automatically.
- Computing application HASH and generating hash area binary.
- Compilation of the boot.
3. Provisioning
- Remove old protections and initialize option bytes.
- Perform mass erase.
- Download application, boot and hash.
- Hardening by enabling HDP and WRP.
The script is useful to automate hash generation, which would have to be manually imported into the binary on each build.