waclawek.jan
Super User
May 25, 2024
Solved

OTP readable by debugger while RDP set to 1

OTP portion of FLASH is a valuable asset in some STM32 families and represents a convenient place to store things like security keys. For this, it is desirable - and, as it's part of FLASH, also quite logically expected - that setting read-out protection to any level above 1 prevents the debugger from reading it.

In RM0444 Rev.5 and RM0454 Rev.5 (the current 'G0 manuals), the following text indicates that this should be the case:

waclawekjan_0-1716631014181.png

The following table appears to indicate the same behaviour:

waclawekjan_1-1716631210918.png

However, user @DAlbe.3 reported that he was able to read out OTP using a debugger while RDP was set to Level 1.

This, together with the fact that the above table has changed across RM revisions, raises questions about the OTP's security.

Can ST please comment?

Thanks,

JW

mƎALLEm
Best answer
Technical Moderator
February 23, 2026

Hello and sorry to be late.

That seems to be fixed in the product reference manual:

The sentence has been removed:

RDP1.png

"No" replaced by "Yes" in this table:

RDP.png

So OTP area can be read even though RDP level 1 is activated.

Edit: it seems that was fixed in RM0444 rev 6. But not yet in RM0454. I will escalate for fix.

Thank you for your contribution.
