Natali
Associate III
December 17, 2024
Solved

Is RDP Level 1 enough?


Hi,

Please, only ST employees answer this question.

I use this code to enable RDP Level 1 for STM32H743 and STM32F407.

Can this code alone protect the program in the flash from any type of attack to read the program in the microcontroller?
Will it be possible to read the program through the bootloader or the program in the SRAM?

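FLASH_OBProgramInitTypeDef OBInit = {0};   /* zero the fields that are not set below */

OBInit.OptionType = OPTIONBYTE_RDP;        /* program only the RDP option byte */
OBInit.RDPLevel = OB_RDP_LEVEL_1;

/* Unlock the option bytes and the flash control register */
HAL_FLASH_OB_Unlock();
HAL_FLASH_Unlock();

/* Stage the new RDP level, then launch the option byte programming */
if (HAL_FLASHEx_OBProgram(&OBInit) == HAL_OK)
{
    HAL_FLASH_OB_Launch();
}

HAL_FLASH_OB_Lock();
HAL_FLASH_Lock();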

 

2 replies

Jocelyn RICARD
Best answer
ST Employee
December 18, 2024

Hello @Natali,

When you enable RDP Level 1, the content of the flash is protected from being read from the bootloader and from a JTAG connection.

You can still attach to the target with JTAG and read the content of the RAM. So, if the firmware copies code into RAM, this can be read with JTAG.

Best regards

Jocelyn

 

Natali
Author
Associate III
December 18, 2024

Many thanks.

ChatGPT suggests that the SWD interface be disabled as well. Is this necessary? If so, how should the SWD interface be disabled? Can the SWD interface be re-enabled after it is disabled?

Jocelyn RICARD
ST Employee
December 18, 2024

Hello @Natali,

In RDP Level 1, you can disable the SWD interface by changing the configuration of the associated GPIOs in your code. Set the SWDIO and SWDCLK IOs as inputs, for instance.

This prevents a JTAG or SWD hot-plug connection while you are running code. But you can still connect under reset. This prevents checking the content of peripheral registers, for instance.

The other way is to switch to RDP Level 2. In that case, you completely disable SWD and cannot go back.

Depending on the level of security you need, this Level 2, associated with a secure boot and a secure loader, will greatly increase the security level of your device, with the ability to securely update it (using firmware authentication).

You can have a look at AN5156, which provides lots of useful information.

Best regards

Jocelyn
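An added example, not part of the thread and not ST's code: the register-level logic behind the advice above, written so it can be checked on a host before it goes into firmware. It assumes SWDIO = PA13 and SWCLK = PA14 and an RDP byte in bits [15:8] of the option register (0xAA = Level 0, 0xCC = Level 2, anything else = Level 1), taken from the STM32F4/H7 documentation rather than from this page; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* RDP option byte encodings (assumption from the reference manuals). */
#define RDP_BYTE_LEVEL0 0xAAu
#define RDP_BYTE_LEVEL2 0xCCu

/* Assumed pin mapping: SWDIO = PA13, SWCLK = PA14. */
#define SWDIO_PIN 13u
#define SWCLK_PIN 14u

/* Decode the RDP level from an option register value whose bits [15:8]
 * hold the RDP byte (FLASH_OPTCR on F4, FLASH_OPTSR_CUR on H7). */
int rdp_level(uint32_t opt_reg)
{
    uint8_t rdp = (uint8_t)(opt_reg >> 8);
    if (rdp == RDP_BYTE_LEVEL0) return 0;
    if (rdp == RDP_BYTE_LEVEL2) return 2;
    return 1;                       /* every other value means Level 1 */
}

/* GPIO MODER uses two bits per pin; 00 selects input mode.
 * Only the two SWD pins are changed, all other pins keep their mode. */
uint32_t moder_with_swd_as_input(uint32_t moder)
{
    moder &= ~(3u << (SWDIO_PIN * 2u));
    moder &= ~(3u << (SWCLK_PIN * 2u));
    return moder;
}

/* Early-boot step: park the SWD pins, then report whether the part is
 * still at Level 0 and RDP has yet to be programmed (returns 1).
 * On an F407 the call would be harden_debug_port(&GPIOA->MODER, FLASH->OPTCR).
 * Parking the pins blocks hot-plug only; connect-under-reset still works. */
int harden_debug_port(volatile uint32_t *gpioa_moder, uint32_t opt_reg)
{
    *gpioa_moder = moder_with_swd_as_input(*gpioa_moder);
    return rdp_level(opt_reg) == 0;
}

int main(void)
{
    volatile uint32_t moder = 0xA8000000u;  /* constructed: F4 GPIOA reset value */
    int todo = harden_debug_port(&moder, 0x0000AA00u);  /* constructed: Level 0 */
    printf("MODER=0x%08lX program_rdp=%d\n", (unsigned long)moder, todo);
    return 0;
}
```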