Skip to main content
E
epsilong
Associate
June 5, 2025
Question

Secure Boot STiROT with Dual Bank STM32H573

  • June 5, 2025
  • 2 replies
  • 494 views

I am trying to figure out if we can both use secure boot (with Trustzone) and dual bank at the same time. I see in AN0007 that "SWAP_BANK activation by option byte is not supported by STiRoT." Is there some other way to swap banks without using the option byte, or does STiROT effectively make dual bank unusable?

2 replies

E
epsilongAuthor
Associate
June 5, 2025

AN6007 *

Jocelyn RICARD
Jocelyn RICARD
ST Employee
June 5, 2025

Hello @epsilong,

STiROT does not permit usage of dual bank.

Dual bank update is very specific and usually not used in secureboot context.

Best regards

Jocelyn

E
epsilongAuthor
Associate
June 6, 2025

Hi @Jocelyn RICARD, thanks for the reply. Since STiRoT is required for debug authentication, does that mean debug authentication is also not compatible with dual bank swapping?

 

Also, maybe this is question is obvious but I couldn't find it from the documentation, but is there a way to use secure boot but skip encrypting the firmware image so that it can be placed directly into the execution area of flash and ran from there, but still allow the STiRoT to verify the identify of the image through the signature? This way we could skip allocating a "download area" of flash and directly run the downloaded image. We do not need the image to be encrypted as it is already encrypted over TLS.

 

Jocelyn RICARD
Jocelyn RICARD
ST Employee
June 9, 2025

Hello @epsilong,

The application firmware that downloads the update binary cannot write it to itself. This is the reason for the download slot. I'm not sure what kind of setup you are thinking.

Regarding your second point, "this point is probably irrelevant if dual bank is disabled when using STiRoT, because we are not planning on using OEMiRoT (developing our own)."

I'm sorry I can't understand your point.  Could you please explain in more detail what you expect.

"Easy to use OEMiROT binaries pre-made" also does not make sense to me.

OEMiROT is provided as example in the STM32CubeH5. You can use it as basis for your own secure boot implementation.

Best regards

Jocelyn

 

Terms & ConditionsAccessibility statement