Package boosts security of STM32 code

STMicroelectronics has launched STM32Trust to guide designers’ efforts to build strong cyber-protection into new IoT devices leveraging industry best-practices.

STM32Trust combines knowledge, design tools, and ready-to-use original ST software. These help designers take advantage of features built into STM32 microcontrollers to ensure trust among devices, prevent unauthorized access, and resist side-channel attacks. All this averts data theft and code modification.

Integrating all available cyber-protection resources for the STM32 family, STM32Trust helps designers implement a robust multi-level strategy leveraging security-focused chip features and software packages.

The STM32 family is the world’s leading system-on-chip portfolio based on the Arm Cortex CPU architecture and contains almost 1000 variants used in smart appliances, remote sensors, wearables, e-health devices, IoT gateways, access-controlled storage, payments, and many other connected devices. Depending on the model, hardware cyber-protection can include features such as customized secure boot, a random-number generator to prevent hackers observing patterns in signals, dedicated encryption co-processors, and secure storage for encryption keys. ST also builds in tamper detection, firewall code-isolation mechanisms and implements Arm TrustZone technologies for extra protection of the most sensitive code.

STM32Trust provides product developers with all they need to protect connected objects effectively using these features, including reference material and free software.

Among the reference software packages X-CUBE-SBSFU demonstrates how to protect application code at its most vulnerable when being transferred into boot memory or updated in the field. X-CUBE-SBSFU reference packages are available for the STM32F4, F7, H7, L0, L1, L4, G0, G4, and WB. There is also a reference implementation of ST’s secure element STSAFE, which maximizes the security level of the final application.

In addition, Secure Firmware Installation solutions for STM32L4 and STM32H7 microcontrollers provide protection while devices are being programmed for the first time. The solution offers a complete toolset to encrypt OEM binaries with the Trusted Package Creator software, the STM32CUBEProgrammer to flash the STM32 securely, and the STM32HSM to transfer OEM credentials to the programming partner.

The STM32Trust resources including tools, evaluated reference material, and source code can be downloaded free of charge from http://www.st.com/stm32trust.