Flash new STM32 with encrypted FW // IP-Protection concept without pre-provisioning
Hello everybody,
we're currently discussing product tampering and intellectual property (IP-) protection for a new product.
I read a lot about SBSFU, the STSAFE processors and KMS memory in some STM32 µCs, but some things I may not have understood 100% correctly, and some things I could not find any information about at all.
Our basic question is at the moment: Is it possible to flash an encrypted firmware file to a new STM32 processor?
Perhaps using a pre-provisioned STSAFE-A100?
Background of this question: We're selling electronic modules worldwide, which are assembled in the specific regions by the manufacturers on site, where, using a unique EEPROM and a USB dongle/PC software solution, a specific number of boards can be activated.
The problem is, the potentially unworthy EMS has
- The plain hex-file and could disassemble it or manipulate it
- We've seen clones of the EEPROM IC with unique serial no, hence, this concept is proven to be vulnerable
We're searching for a solution to flash encrypted firmware files and to control how many boards were produced and flashed (and are operable/"activated").
The easiest scenario we can think of is
- Flash the STM32 at our company with our encryption keys (store them into the STM32's KMS)
- Deliver a paid amount of these controllers to the potentially evil EMS
- The problem is, we had problems in the past exporting electronic parts, and hence we're searching for a pure software-/server-based solution, which leads to the basic question mentioned above: Is flashing a new STM32 with an encrypted firmware possible, perhaps using pre-provisioned STSAFE processors with an OEM cert flashed by ST?
Thanks a lot in advance & best regards
Markus
