Incorporate an intrusion alert in the SBSFU application

Forum|Forum|1 year ago
July 4, 2024
3 replies
1397 views

Hello,

I am using the sbsfu application. Once I have implemented the SBSFU firmware to the board, when I connect the board to the STM32Cubeprogrammer, the SBSFU application is in lock status because it has detected an intrusion. I would like to add a printf warning about the intrusion as soon as possible when this situation happens or when someone unauthorized tries to update the firmware. Is it possible to do the following and where should I add it?

STM32U5 series

Jocelyn RICARD

ST Employee

Hello @Istillaga ,

what device are you using ? What implementation of SBSFU?

Best regards

Jocelyn

I

IstillagaAuthor

Associate III

Hello @Jocelyn RICARD,

I'm using the b-u585i-iot02A board and the u5 sbsfu example from github.

Jocelyn RICARD

ST Employee

Hi @Istillaga ,

OK on STM32U5 you have an internal tamper (tamp_itamp6) that detects a JTAG/SWD access.

You need to enable this tamper and store the event when it triggers.

Now, I don't think this can work with RDP Level 1 as MCU will be locked directly because of RDP Level 1.

You may check this with RDP Level 0.5 or RDP Level 2 I think.

Regarding the firmware update, you cannot detect any intrusion. The firmware update will never happen through JTAG. If someone tries to update the firmware using a binary that is not properly signed it will be just rejected. This will be visible on the default logs

Best regards

Jocelyn

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded