Skip to main content
D
Denish_Patel
Explorer
December 10, 2024
Solved

STM32H7B0VBT6 External Loader

  • December 10, 2024
  • 1 reply
  • 1149 views

I am using the STM32H7B0VBT6 microcontroller, which has limited internal flash memory. To implement Secure Boot and Secure Firmware Update (SBSFU), I have connected an external W25Q256JVIQ flash memory to the MCU via Quad SPI.

 

Is it possible to store the bootloader in the internal flash memory and application firmware store into external flash memory? Please provide any guidance, documents, or articles to help implement this setup?

Best answer by STea

Hello @Denish_Patel ,

Examples of SBSFU solution dual slot configuration on external flash memory are available on these platforms on the H7 series:

  1. External Flash memory with on-the-fly decryption (OTFDEC). An example is provided for the STM32H7B3I-DK board in the 2_Images_ExtFlash variant using a specific cryptographic scheme with AES-CTR firmware encryption.
  2. External Flash memory without on-the-fly decryption (OTFDEC). An example is provided for the STM32H750B-DK board in the 2_Images_ExtFlash variant. Active slot, as well as download slot, are mapped in an external Flash memory, thus firmware confidentiality cannot be ensured.

These examples are available on the XCubeSBSFU Firmware package:

X-CUBE-SBSFU - Secure boot & secure firmware update software expansion for STM32Cube - STMicroelectronics

resources and documentation on the SBSFU solution configuration adaptation and mechanisms can be found in AN5056 and in UM2262 (read Appendix I STM32H7 Series specificities with all the needed details explaining the implementation)

very useful explanation materiel and videos around SBSFU solution can be found in STM32 security ecosystem - STMicroelectronics.
Regards

1 reply

S
STeaBest answer
ST Employee
December 16, 2024

Hello @Denish_Patel ,

Examples of SBSFU solution dual slot configuration on external flash memory are available on these platforms on the H7 series:

  1. External Flash memory with on-the-fly decryption (OTFDEC). An example is provided for the STM32H7B3I-DK board in the 2_Images_ExtFlash variant using a specific cryptographic scheme with AES-CTR firmware encryption.
  2. External Flash memory without on-the-fly decryption (OTFDEC). An example is provided for the STM32H750B-DK board in the 2_Images_ExtFlash variant. Active slot, as well as download slot, are mapped in an external Flash memory, thus firmware confidentiality cannot be ensured.

These examples are available on the XCubeSBSFU Firmware package:

X-CUBE-SBSFU - Secure boot & secure firmware update software expansion for STM32Cube - STMicroelectronics

resources and documentation on the SBSFU solution configuration adaptation and mechanisms can be found in AN5056 and in UM2262 (read Appendix I STM32H7 Series specificities with all the needed details explaining the implementation)

very useful explanation materiel and videos around SBSFU solution can be found in STM32 security ecosystem - STMicroelectronics.
Regards

Terms & ConditionsAccessibility statement