- Last edited 2 months ago ago
Debug Authentication for STM32H5
Contents
1 Introduction
This article lists the main characteristics of Debug Authentication applied to STM32H5 MCUs.
The theoretical article about Debug Authentication describes all the possibilities of this feature: Debug Authentication
If you want to learn more about Debug Authentication specific usage for each STM32H5 device and you want to practice, refer to Debug Authentication STM32H5 How to Introduction
2 Debug Authentication main principles overview
- Debug authentication controls:
- Debug opening: Re-open Debug Access on the STM32 securely.
- Regressions: Perform regression to product states OPEN or TZ-CLOSED securely, erasing user data in user Flash, SRAM, and OBKeys.
- It is usable:
- During development
- During manufacturing
- For field return analysis
- Debug Authentication is only useful when STM32 is no more in product state OPEN.
Refer to STM32 Product State Life cycle to learn more about the product state lifecycle.
- Features
- TZ disabled requires a password (very similar to U5). Only regression is possible.
- When TZ enabled: usage of certificates chain. Regression and debug opening are possible.
- Debug Authentication principle
- Uses JTAG dedicated access point (ap0) to communicate with the chip
- Secure protocol defined by Arm®: ARM PSA ADAC V1.0. (Authenticated Debug Access Control) [1]
3 Debug Authentication for STM32H5 devices
STM32H5 series devices have specific characteristics that make the use of Debug Authentication different for every.
3.1 OBKey area
- STM32H563/573 has OBKey areas used to store keys/ passwords.
- STM32H503 devices don't have an OBKey area and use OTP (one-time programming) area to store passwords. That means that password cannot be changed anymore once provisioned.
3.2 TrustZone® feature
Debug Authentication usage is different depending on the activation of the TrustZone® feature.
- If TrustZone® is active on a device with a secure or non-secure code flashed on the board, a regression or debugging re-opening from a product state different than "OPEN" can be done using a certificate.
In this case, a partial regression (to TZ-CLOSED state) or a full regression (to OPEN state) is possible.
- If TrustZone® is inactive on a device, Debug Authentication is only possible with a password.
Only Full regression to the OPEN state is possible.
For STM32H503 devices, TrustZone® is inactive, and Debug Authentication always uses the password method.
4 References