How to start with Secure Manager default configuration on STM32H5

Target description

The purpose of this article is to explain step by step how to use the Secure Manager provided in the STM32Cube_FW-H5, using the STM32H573 discovery board.
This "how to start" guide is using the default configuration provided in the STM32Cube_FW_H5.
If you want to modify the default configuration, please refer to the How to start with Secure Manager customized config on STM32H5 article.

It is strongly advised to start with this practical example before starting to customize your own solution.
If you want to regenerate keys, you must understand the implications and understand how to store the keys.

1. Introduction

2. Prerequisites

  • Hardware
    • STM32H573 discovery board: the STM32H573 devices have all the available security features, including the HW crypto accelerator. (Note: the Secure Manager is not supported for STM32H56x devices, the HW crypto is not available)
    • Discovery MB1677- STM32H573 (USB-C cable not included)
Figure 1 STM32H573-DK MB1677.png
  • In case your board has already been used for other hands-ons:
    • Perform a regression in case the board is in another state than OPEN (using the script provided for the last hands-on done).
    • If the board is in OPEN state, verify that the SECBOOT_LOCK option byte is not set (use STM32CubeProgrammer).
  • Required tools
    • STM32Cube_H5_V1.2.0.
    • X-Cube-SEC-M-H5_V1.1.2 available upon request. It contains the Secure Manager binary.
    • STM32CubeProgrammer_2.16.0 including RSSe v2.0.1.0 (with STM32TrustedPackageCreator (TPC) selected at installation).
    • One of the supported IDE:
      • EWARM (IAR) : V9.20.1 and the patch EWARMv9_STM32H5xx_V1.1.1 or later to support the STM32H5 series
      • STM32CubeIDE : 1.15.0
      • MDK_ARM : V5.38.0.0 and the patch Keil_STM32H5_DFP.1.3.1 or later to support the STM32H5 series
    • Tera Term / Putty or equivalent UART terminal emulator.

The IDE patches can be found in the STM32CubeFW_H5 Cube firmware:

Figure 2 IDE patches in STM32CubeH5 Firmware Package
  • STM32Cube Firmware
    • Download the STM32 Cube Firmware H5.
    • Download the X-Cube Secure Manager expansion package and copy at the root of the STM32 Cube Firmware H5.
    • A directory STM32H573I-DK is included in the Projects directory.
    • If the STM32CubeProgrammer has not been installed in the default folder:
      • C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer.
      • The customized installation path needs to be updated in the environment variable: env.bat (see the example in the figure below).
Error creating thumbnail: File missing
Figure 3 STM32CubeProgrammer installation path to update in env.bat file
Warning DB.png Important
If you want to use the X-Cube-SEC-M-H5_V1.1.1, you need to download the STM32Cube_FW_H5_V1.1.0 and the STM32Cube_FW_H5_V1.1.1 patch. All STM32Cube patch V1.1.1 files must be copied into the Cube V1.1.0.
Warning white.png Warning
The package X-Cube-SEC-M_H5_V1.1.1 is only compatible with STM32CubeProgrammer v2.14.

3. Step by step instructions

  • On the STM32H573-DK, check that the switch (SW1) is set to 0 to boot from user flash
Figure 4 SW1 switch to set to 0 (user flash boot)
  • Connect the STM32H573-DK using the USB-C cable
  • Execute the provisioning_auto.bat script
Figure 5 Secure Manager installation script

In the figure above two scripts are shown:
- The provisioning_auto.bat to install the default configuration (used in this article).
- The provisioning.bat to customize the configuration (used in the How to start with Secure Manager customized config on STM32H5 article

3.1. Script (provisioning_auto.bat) step 1

The step 1 of the script automatically generates all the needed files used for the device confguration.
When using the default configuration and keys, the script is executed up to step 2.

Error creating thumbnail: File missing
Figure 6 Configuration file generation

The step 1 of the script automatically generates all the files needed for the Secure Manager configuration.
As mentioned before, for more details about customized configuration, please refer to How to start with Secure Manager customized config on STM32H5 article.

Note: The figure above shows the Debug Authentication (DA) configuration. For all trials, it is advised to use the default keys provided by ST. In case new keys are generated and the device is set in another state than open, it will not be possible to reopen the debugger and to make a regression in case these new keys are lost.

3.2. Script (provisioning_auto.bat) step 2

After completion of step 1, follow the indications of the script as shown in the figure below.
The step 2 of the script installs the Secure Manager and a nonsecure default application.

Error creating thumbnail: File missing
Figure 7 Secure Manager and default application installation

After installation you should see:

  • The message saying the board is correctly confirmed
  • On the discovery board the led1, led2, led3 and led4 must blink (default installed code by the script)

Note in case of issue:

  • Check the provisioning.log file (in directory: \Projects\STM32H573I-DK\ROT_Provisioning\SM).
  • Perform a regression (see chapter below) and restart at the beginning of this article.

4. Default installed code execution

As mentioned above, after the script execution completion, you should see the four led blinking corresponding to the default installed application code.

  • Start Tera Term or another terminal emulator (see figure below)
    • Select -> Serial -> select your COM port
    • Setup -> Serial port -> set Speed to 115200 baudrate, Data to 8 bit and Stop bit to 1bit -> New setting
Figure 8 Tera Term setting
  • Press the reset button of the discovery board (B2 black button)
  • The default installed code makes four led blinking and outputs the information shown in the terminal (see figure below): the memory configuration, the Secure Manager version and the version of the installed ST Updatable Root of Trust.

(for more details about uRoT please refer to the Secure Boot for STM32H5 article).

Figure 9 Default installed application execution

  • Close the terminal window
  • Start STM32CubeProgrammer and try to connect, see the figure below
Figure 10 STM32CubeProgrammer connection

The following can be observed:

  • The Option Byte readout shows that the script has set the device in TZ-Closed (TrustZone®-Closed). This leaves the nonsecure application open for debug. For more details about product states, refer to the New product state article
  • The user flash at 0x08000000 is not accessible as it is a secure zone where the Secure Manager is installed.
  • The user flash at 0x0806E400 is accessible and is the location of the nonsecure default installed application.


  • Do not modify the Option Bytes (regressions are not allowed, Closed state setting is allowed but don't do it for this tutorial as it closes the debug access for the nonsecure application).
  • !! Important reminder: the Locked state closes definitively your device. It is a final state adding a further protection level, but the device can not be changed or the debugger reopened anymore, by any method.

5. Develop your own application

As described above, the device is set in TZ-Closed by the installation script. This means that the device is still open for nonsecure application development.
An example of application that you can modify is included in the STM32Cube_H5. It is provided for the three supported IDE (EWARM, MDK-ARM and STM32CubeIDE).

  • Open the application located at : STM32Cube_FW_H5_Vx.x.x\Projects\STM32H573I-DK\Applications\ROT\SMAK_Appli\
  • The following example is shown using IAR (EWARM) project, you can use the other supported IDE (MDK-ARM, STM32CubeIDE) in the same way.
  • You can make your own modifications to this code.
  • To upload the code to the device, simply select: download and debug as shown in figure below (for IAR)
Figure 11 Code download into the device (IAR)
Error creating thumbnail: File missing
Figure 12 SMAK application execution
  • Since the device is in TZ-Closed, it is open for nonsecure application development, a modification of the application running on the device is straightforward:
  • Open the IDE, make your modifications and reload the modified application. For IAR select Make&Restart (see figure below)
Figure 13 Load modified application into the device (IAR)
  • Press the reset button of the discovery board (B2 black button) and the new application code is executed.

6. Regression

Perfoming a full regression is reinitialization (back to virgin state) the device.

  • The installed Secure Manager is removed
  • The full user Flash and OBKeys are erased
  • The memory mapping for nonsecure application is no longer fixed
  • The device is set in Open state

For more explanations see Secure Manager STM32H5 How to Intro article.

The easiest way to make a regression is to use the provided script shown in the figure below.

Error creating thumbnail: File missing
Figure 14 Full regression executing the provided script
  • Double click and the script automatically performs the regression
  • When the regression is completed, the script displays the message below
Figure 15 Regression completed

7. Troubleshooting

If the Secure Manager is used with the default configuration as described above, you should not have any issue (as nothing can be wrongly configured)
If errors occur, please refer to the dedicated chapter of the article How to start with Secure Manager customized config on STM32H5