Skip to main content
H
HHuyn.4
Graduate II
January 31, 2024
Solved

STM32H7 Firmware Update Using Web Server

  • January 31, 2024
  • 2 replies
  • 1627 views

Hi all,

Abstract
We are developing our product based on STM32H7. We would like to use the HTTP server and Netconn to update the firmware for our product. We consider this method easy to use for customers more than Serial or USB. We have tried looking for some references but for now, we are having a lot of problems.

Quesion
If you could answer any of those questions that could help us greatly!
1. Do you have an example, reference, or tutorial of working to update firmware via web server stm32h7?
2. Do you have any idea how to start?
Thank you for taking the time to read this and to answer me!

Regards

    This topic has been closed for replies.
    Best answer by STea

    Hello @HHuyn.4 ,

    currently there is no example with the capability of firmware update via a web server so this should be implemented from your side i can give you some general recommendation and steps to implement this 

    1. you can really on the our security offer for the stm32H7 to provision keys and secrets which will be used to decrypt the downloaded firmware later on ?
    2. base your solution on the the SBSFU implementation using dual slot configuration try to imitate the architecture making the download area for firmware image downloaded form a server which will be signed and encrypted using some keys and algorithms you decided on in step 1.
    3. from the server side you need to have accessible images signed and encrypted and you need to implement some kind of authentication mechanism to ensure that devices requesting the image are yours 

    this is just a general view of the architecture and it can be refined after some iterations to make it more robust to attacks .

    BR 

    2 replies

    S
    STeaAnswer
    ST Employee
    February 2, 2024

    Hello @HHuyn.4 ,

    currently there is no example with the capability of firmware update via a web server so this should be implemented from your side i can give you some general recommendation and steps to implement this 

    1. you can really on the our security offer for the stm32H7 to provision keys and secrets which will be used to decrypt the downloaded firmware later on ?
    2. base your solution on the the SBSFU implementation using dual slot configuration try to imitate the architecture making the download area for firmware image downloaded form a server which will be signed and encrypted using some keys and algorithms you decided on in step 1.
    3. from the server side you need to have accessible images signed and encrypted and you need to implement some kind of authentication mechanism to ensure that devices requesting the image are yours 

    this is just a general view of the architecture and it can be refined after some iterations to make it more robust to attacks .

    BR 

      P
      Pavel A.
      Super User
      February 2, 2024

      We would like to use the HTTP server and Netconn to update the firmware for our product. 

      Do you want your device connect to your http server (in public internet or local network), or the device to be a server? 

      Does your device have other interfaces besides ETH, connectable to a PC?

        Terms & ConditionsAccessibility statement