Getting started with STM32C5 security


The practical examples below give an overview of the STM32C5 security solution and help you understand it.
These examples are based on the board, tools, and code provided by ST.
Each guide listed below describes every step in detail.
Get familiar with the available tools through these examples before starting your own development.


| Product Series | STM32C542 | STM32C562 | STM32C5A3 | Prerequisite | Introduction article |
|---|---|---|---|---|---|
| Development Boards | NUCLEO-C542RC | NUCLEO-C562RE | NUCLEO-C5A3ZG | - | - |
| Embedded flash size | 256k | 512k | 1M | - | - |
| Life cycle | | | | | |
| RDP keys provisioning, RDP levels setting and regression | Link to How To | | | STM32CubeProgrammer v2.22.0 or later version | - |
| Immutable Root of Trust (iRoT) | | | | | |
| OEMiRoT example | Link to How To | | | STM32CubeProgrammer v2.22.0 or later version | Link to article |


The security focus of this product is on secure boot and simple but hardened protection of assets.
Password-protected regression is another differentiating feature of the STM32C5 series.

1. RDP life cycle

  • The STM32C5 has three possible Readout Protection states:
    • RDP0 and "RDP2 with boundary scan" used during development.
    • RDP2 for production.
    • Note: there is no RDP level 1 for the STM32C5 products.

An important feature of the STM32C5 is the ability to perform a regression from RDP level 2 to RDP level 0 using a provisioned 128-bit OEMKEY.
A transition from "RDP level 2 with boundary scan" to RDP level 2 is also possible, using a personalized 32-bit BSKEY.

The reference manual RM0522 describes Readout Protection in detail (Product Life Cycle chapter).
The following article gives an introduction and a step-by-step guide to password key provisioning, RDP level setting, and regression to RDP0: RDP keys provisioning, RDP levels setting and regression

2. OEMiRoT

The OEM immutable (unchangeable) Root of Trust is supported on all STM32C5 products.
The OEMiRoT acts as a first boot stage and offers two services: Secure Boot and Secure Firmware Update.
The table above contains the links to the related technical article and the getting started article.