All STM32 microcontrollers are part of the STM32Trust ecosystem to ensure robust security across 12 specific strategies, including secure boot and update, memory protection, tamper detection, cryptography, authentication, and others, in order to ensure varying levels of compliance with recognized certification schemes for IoT platforms, such as SESIP and PSA by ARM®.
X-CUBE-SBSFU Secure Boot Firmware
The X-CUBE-SBSFU Secure Boot and Secure Firmware Update software ensures immutable Root of Trust service code is always executed after a system reset to check and activate STM32 static and runtime protections and verify the authenticity and integrity of user application code, and checks the authenticity and integrity of any firmware updates before they are installed. The software also provides secure key management and cryptographic services to user applications.
SASTFE-A110 tamper-resistant secure element
STSAFE-A110 is a tamper-resistant secure element (Hardware Common Criteria EAL5+ certified) used to host X509 certificates and keys and perform verifications that are used for firmware image authentication during Secure Boot and Secure Firmware Update procedures.
- Status and activation of static and run-time STM32Trust security measures on every STM32 boot up instance
- STSAFE secure element hardware for higher grade security than possible with software only
- Secure Firmware Update with anti-rollback and partial image update capabilities for Over-the-Air or local firmware image update