This article gives information about the Secure Secret Provisioning (SSP) feature.
A complete feature description is available in the dedicated SSP application note[1].
1. Feature purpose[edit | edit source]
To meet the market security requests and protect customers against any leakage of their Intellectual Properties, STMicroelectronics introduces a security feature, the secure secret provisioning (SSP), allowing the OEM secrets programming into STM32 MPU one time programming (OTP) area in a secure way (with confidentiality, authentication and integrity checks).
The STM32 Arm® Cortex® MPUs support protection mechanisms that allows the protection of critical operations (such as cryptography algorithms) and critical data (such as secret keys) against unexpected access.
This article gives an overview of the STM32 Arm® Cortex® MPUs SSP solution with its associated tools ecosystem.
Following the STM32 MCU SFI strategy[2], the SSP processing relies on an STM32 Hardware Security Module[3] (HSM) to manage chip authentication and and to unwarily encrypt exchange data with STM32 Arm® Cortex® MPUs The STM32 Arm® Cortex® MPUs authentication allows to count the number of provisioned devices. The STM32 HSM is connected to the manufacturing programming tool (STM32CubeProgrammer presented as an example) that uploads the encrypted data to the chip.
Once the SSP is completed, the STM32 Arm® Cortex® MPUs contains all the secrets of the OEM and all the STM32 Arm® Cortex® MPUs secure mechanism are enabled.
2. System overview[edit | edit source]
The SSP is a secure system mechanism implemented in STM32 Arm® Cortex® MPUs that allows secured and counted installation of OEM secrets in untrusted production environment (such the OEM contract manufacturer).
The SSP process prevents the OEM secrets from:
- being accessed by the contract manufacturer.
- being extracted or disclosed.
- being over produced.
2.1. Component description[edit | edit source]
- STM32HSM-V2: The HSMv2 used for SSP offers a way to verify authenticity of the STM32 Arm® Cortex® MPUs under provisioning. Once the authentication is confirmed, it generates a per device license and decremented the number of possible provisioned devices.
- Programmer: The manufacturing programming tool (represented as STM32CubeProgrammer in the previous example) is the link between the STM32 Arm® Cortex® MPUs and the HSM.
- OEM secrets: This is the file which contains the OEM data which must be securely transferred into the STM32 Arm® Cortex® MPUs . The file has been previously contructed with the STM32 Trusted Package Creator.
2.1.1. STM32HSM-V2[edit | edit source]
The STM32HSM-V2 is a configurable hardware security module that is required to establish a secure connection with the STM32 Arm® Cortex® MPUs .
Thanks to STM32 Trusted Package Creator, it is possible to specify the HSM to the targetted product.
The provisioning of the STM32HSM-V2 is explained in this article.
Provisioning the HSM stands to:
- record the specific data associated to the STM32 Arm® Cortex® MPUs .
- save the OEM symetric key used to decrypt the secrets.
2.1.2. Programmer[edit | edit source]
The programmer is the communication tool making the link between HSM and STM32 Arm® Cortex® MPUs .
The protocol for connecting to the target is available in USB DFU/USART protocols used in STM32MP1 series bootloaders and the extension for SSP Overview of the secure secret provisioning (SSP) on STM32MP1 series.
A reference implementation is available through STM32CubeProgrammer.
Some partners solutions are also available such as Elprotronics[4]
2.1.3. OEM Secrets[edit | edit source]
The OEM secrets file is a data file, encrypted that contains the all the secrets which must be embedded in the target to make the device secure. It must at least contains:
- the Root of trust for the initial firmware authentication
- the RMA password
All the other secret keys or password might be transported in the OEM file.
The secret file can be generated using STM32 Trusted Package Creator.
2.2. STM32 Arm® Cortex® MPUs SSP implementation[edit | edit source]
The STM32 Arm® Cortex® MPUs implementation relies on two embedded software parts:
- The ROM code.
- A SSP dedicated firmware.
2.3. ROM Code SSP implementation[edit | edit source]
The ROM code has a complete access to chip data. During the SSP process, it is in charge of:
- Generating the chip certificate.
- Connecting to programming tool via serial interface binary loading.
- Downloading the SSP Firmware in SYSRAM from serial interface.
- Authenticating the SSP Firmware.
- Executing SSP firmware
On STM32MP1 series, the ROM code is also:
- Decrypting the secret data.
On STM32MP2 series, the ROM code is also:
- Downloading the OEM secret file.
2.4. SSP firmware[edit | edit source]
2.4.1. STM32MP1 series[edit | edit source]
The SSP firmware is based on TF-A BL2 implementation.
The TF-A BL2 SSP Firmware is a specific code that extends the communication with the programming tool and is in charge of specific SSP commands to:
- Initializes the SSP process by changing the chip life cycle state to secure provisioning state.
- Sends the ROM code prepared chip certificate to the programming tool to allow chip authentication.
- Receives the secret data binary from the programming tool and store it in a dedicated secure memory region for the ROM code.
- Writes all the decrypted secrets in the chip OTP and sets the chip to Secure closed device state.
This part of code is using part of TF-A BL2 generic code but is only restricted to serial connection mode and OTP access. The TF-A SSP size is limited to the minimum but required a dedicated board configuration (over device tree).
2.4.2. STM32MP2 series[edit | edit source]
The SSP firmware is a dedicated ST firmware that is signed and encrypted by ST.
It ensures a safe implementation of the secure secret provisioning.
3. To go further[edit | edit source]
A dedicated page how to deploy SSP: a step-by-step approach explains how to configure and run a complete SSP process.
4. References[edit | edit source]