How to start with OEMuRoT on STM32N6 MCUs

How to start with OEMuRoT on STM32N6 MCUs

Literature

• UM2237 STM32CubeProgrammer software description
• AN5054 Secure programming using STM32CubeProgrammer
• BootRom wiki article
• Secure Boot wiki article
• Security features for STM32N6MCUs wiki article
• OEMuRoT for STM32N6

Prerequisites

• Hardware
  • STM32HN6 discovery board
  • Discovery MB1860- STM32N6 (need USBC cable)

Required tools

• IAR: v9.40.1 + IAR patch to support STM32N6 (delivered with V0.5.0) + IAR Patch EWARMv9_STM32N6xx_V0.6.2
  • IAR patch is available in the STM32CubeFW: STM32Cube_FW_N6_Vx.x.x\Utilities\PC_Software
• STM32CubeN6 FW version 1.0.0 or later
• STM32CubeProgrammer version 2.18.0
• Tera Term / Putty or equivalent terminal emulator

• STM32Cube Firmware
  • Download the STM32Cube_FW_N6 Cube firmware (it is recommended to place it close to form the C: to avoid long windows paths).
  • A directory STM32N6-DK is included in "STM32Cube_FW_N6\Projects" .

• Open the env.bat file If the STM32CubeProgrammer has not been installed in the default folder:C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer, the customized installation path needs to be updated:

1. Introduction

OEMuRoT properties

• It is a secure boot with secure update capabilities

• stored in an external flash memory

• Code provided in STM32CubeN6 firmware

• MCU Boot based

• OEMuRoT crypto keys stored in OTP area

2. Step 1 Configuration management - secrets provisioning

The secrets are provisioned in OTP fuses. Once fused, the secrets can not be modified anymore.

To provision secrets, the device must be in Secured_unlocked state and in development mode. While in development mode, debug is open which allows STM32CubeProgrammer to program OTP fuses.

2.1. BootRom secrets provisioning

BootRom secrets are:

• Keys used to sign the OEMuRoT_Boot firmware
• Keys used to encrypt/decrypt the OEMuRoT_Boot firmware
• RMA password

To generate and provision the secrets, if not already done, refer to the following chapters:

Security:How to install a trusted application on STM32N6 MCUs#Keys Generation

Security:How to install a trusted application on STM32N6 MCUs#Keys provisioning

2.2. OEMuRoT secrets provisioning

Warning

The keys_generation.bat script will overwrite all keys in the OEMuRoT/Keys folder. Make sure to back up any existing keys before running this script.

Launch the script keys_generation.bat  to generate the OEMuRoT secrets in Keys folder

Folder path: Projects\STM32N6570-DK\ROT_Provisioning\OEMuROT

Configure your

• Configure your board in Dev Boot mode:

• If you are using STM32CubeFW N6 v1.0.0,

Open keys-programming.bat script with an editor and replace line 15:

set connect_no_reset=-c port=SWD ap=1 mode=Hotplug

by

set connect_no_reset=-c port=SWD ap=1

Save the modifications.

• Launch the script keys_programming.bat

Folder path: Projects\STM32N6570-DK\ROT_Provisioning\OEMuROT\Keys

Warning

Once programmed, OTP fuses are locked and can't be reprogrammed.

2.3. Debug Authentication password provisioning

When using STM32CubeFW N6 v1.0.0, you must create your password via STM32CubeProgrammer:

• Open the STM32CubeProgrammer and connect your board in Dev Boot mode:

• Go to the shield and select PROV tab.
• Choose a password (size between 4 and 16 characters)
• Select the path where you want to provision the password
• Click "Start Provisioning"

Once the success messages received, the password is provisioned in OTP and can't be changed anymore.

The generated file "password.bin" will be used to do Debug Authentication

Warning

Once programmed, OTP fuses are locked and can't be reprogrammed.

2.4. OEMuRoT provisioning script

The script drives OEM to

• Provision secrets

• Compile OEMuRoT_Boot firmware

• Compile User application Secure and Nonsecure

• Generate trusted images

Then, script automatically flashes

• OEMuRoT_Boot image

• user application image(s)

• User data

Launch provisioning.bat script from folder: Projects\STM32N6570-DK\ROT_Provisioning\OEMuROT.

The step 1 of the script is done. Press a key and start step 2.

3. Step 2: Images generation

3.1. OEMuROT_Boot image generation

OEMuROT_Boot firmware secure boot properties:

• Executed at HDP level 1

• Launches a user application in HDP Level 2

• Secure firmware update

Many Secure boot capabilities' parameters can be updated like:

• Number of user application images and data images
• Load and Run in external or internal RAM / Execute in place option
• SWAP or overwrite mode

OEMuRoT default parameters in STM32CubeFW:

• Load and run Internal RAM
• Overwrite mode
• 1 Secure application image
• 1 Nonsecure application image
• 1 secure data image
• 1 nonsecure data image

To generated application images:

1. Open the postbuild.bat file located in Projects\STM32N6570-DK\Applications\ROT\OEMuROT_Boot\EWARM The postbuild The script is automatically launched after the IAR project compilation. By default, this script signs the OEMuRoT_Boot firmware, but does not encrypt it. In this step by step we are showing how to encrypt and sign the OEMuRoT_Boot firmware so the script must be edited. In order to encrypt the OEMuRoT_Boot firmware, the crypted variable must be set to 1:
2. Save the postbuild.bat script and close it.
3. Launch the Project.eww file in the Projects\STM32N6570-DK\Applications\ROT\OEMuROT_Boot\EWARM folder
4. Compile the project

After build success, the trusted image is created during the postbuild script.

3.2. Application image generation

OEMuRoT_Appli is an example of secure and non secure application managed by OEMuRoT

To generate application images:

1. Launch the Project.eww file in Projects\STM32N6570-DK\Applications\ROT\OEMuROT_Appli\EWARM folder
2. Select the project secure
3. Compile the project
4. Select the project Nonsecure
5. Compile the project

User application must be flashed encrypted and signed

The trusted images have been signed and encrypted during the postbuild script but

this could be done thanks to the STM32TrustePackageCreator tool

3.3. Data images generation

Data secure and nonsecure provided in STM32CubeFW

To update the data examples provided (optional)

• Launch STM32TrustedPackageCreator

• Enter the xml file corresponding to data image secure or nonsecure in Projects\STM32N6570-DK\ROT_Provisioning\OEMuROT\Images

• Update the parameters (input/ output..)

• Click on

⇒ an encrypted and signed file is generated: s_data_enc_sign.bin

4. OEMuRoT - Execute application

• Set the device in flash boot mode and open Tera Term:

5. Load a new user application

In this example, we update the non secure application, but the same process can be applied for the secure application, the secure Datas, or/and the non secure Datas.

First, the non secure application display can be modified before updating a new application.

1. Open the project non secure in IAR
2. Open main.c file nonsecure
3. Modify line 47
4. Rebuild the code → a new trusted image nonsecure is generated

Go back to the Tera Term window, with the device connected in Flash boot mode and press reset to display the application menu. To load a new nonsecure application:

1. Enter “2” to select “New Fw Image”
2. Select “3” “Download Nonsecure App Image”

Follow the instructions:

1. In Tera Term panel, go to File → Transfer → YMODEM → Send
2. Select the new secure application to download: rot_tz_ns_app_enc_sign.bin

rot_tz_ns_app_init_enc_sign.bin contains magic at the end of the binary file. It is used by the provisioning script.

rot_tz_ns_app_enc_sign.bin does not contain the magic and it is used to download a new application. The size of this binary is smaller, the download time is thus reduced.

Result:

1. You get the Success message
2. Press the reset button and see the update displayed

6. Lock the device

To lock the device, refer to the wiki article:Security:How to install a trusted application on STM32N6 MCUs#Lock the device and execute trusted application

7. Debug Authentication

• Open the STM32CubeProgrammer
• The N6 Discovery board must be configured in Flash boot mode.

• Select the shield , then go to DA tab.

• Click to Discover and the discover window is displayed:

After this discover command, you have the possibility to open the debug.

Select the password file password.bin generated in "OEMuRoT secrets provisioning" paragraph, and click to "Open Debug" :

You get this success message:

Debug nonsecure is now opened. The board is automatically connected to the STM32CubeProgrammer.

In the "Memory & File editing" tab, you can read the nonsecure Data @ 0X2404000:

Disconnect STM32CubeProgrammer and you can debug the non secure application in IAR.

Don't disconnect your board (don't power ON/OFF the board), to let the debug opened.

Launch the Project.eww file in Projects\STM32N6570-DK\Applications\ROT\OEMuROT_Appli\EWARM folder

Modify the Project nonsecure properties:

1. Right click on Project-ns project and select "Options..."
2. In "Debugger" select "ST-LINK" driver
3. In "ST-LINK" select "ST-LINK/V3" emulator. Then choose access port = 1 and set Interface speed to 2MHZ.

Click OK

• Add a breakpoint in main.c file nonsecure, line 195
• Select "Project -> Attach to Running Target"

You can now debug the nonsecure code in IAR.