Skip to main content
TKopp.67
TKopp.67
Associate III
November 28, 2023
Solved

secure firmware update using USART

  • November 28, 2023
  • 1 reply
  • 2672 views

Hi everyone,

I'm working in a Medical devices company and we use currently plenty of STM32s (F0,F1,F4, maybe soon H7). Until now, we didn't bother that much the cybersecurity topic for the firmwares but now the norms are forcing us :D.

I checked a bit all the security features availables on STM32 products and i'm a bit confused because there is a looooot.

Anyway, we currently use stm32-flasher to update our firmware via the uart interface of the bootloader. 

Here comes my question, how can i secure this update, we to be able to update if it's needed but to avoid/make it more difficult for anyone connecting to the device from our main CPU via our external debug interface?

Thanks in advance for your answer,

Thomas 

This topic has been closed for replies.
Best answer by STea

Hello @TKopp.67 ,

The security solution offered by ST is indeed variant and covering almost all of the stm32 family . i recommend you have a look on this page for more information about ST security offer .

Regarding securing the firmware update process ST offers the SBSFU(secure boot secure firmware update) package to do so . unfortunately it is not available for STM32 F1 and F0 . you can check the SBSFU solution more  in this wiki or check the Getting started with the X-CUBE-SBSFU .

BR

1 reply

S
STeaBest answer
ST Employee
November 28, 2023

Hello @TKopp.67 ,

The security solution offered by ST is indeed variant and covering almost all of the stm32 family . i recommend you have a look on this page for more information about ST security offer .

Regarding securing the firmware update process ST offers the SBSFU(secure boot secure firmware update) package to do so . unfortunately it is not available for STM32 F1 and F0 . you can check the SBSFU solution more  in this wiki or check the Getting started with the X-CUBE-SBSFU .

BR

TKopp.67
TKopp.67Author
Associate III
November 29, 2023

Hello @STea

Thank you for your answer, i will check about it.

Best Regards,

 

 

Terms & ConditionsAccessibility statement