Table of Contents |
---|
Introduction to lifecycle management on STM32H563/573 product lines via using FlashPro-ARM programmer.
FlashPro-ARM programmer have has full support for Debug authentication on STM32H563/573 product lines when TrustZone© is disabled.
All supported by STM32H563/573 mcu’s MCU product states are supported, including provisioning with password management and full regression are supported by FlashPro-ARM programmer.
...
Preparing necessary files
To perform provisioning with password management opertion , the *.obk file is needeed needs to be generated by STM32 Trusted Package Creator tool. . This file is used to configure the conditions required to perforn preform regression of mcu. without it MCU. Without the password file, full regression is not possible.
Example of file is provided in the STM32CubeFW_H5 example provided by ST. The Trusted Package Creator will be used to setup set up this file using the DA_ConfigWithPassword.xml as input located in/Projects/NUCLEO-H563ZI/ROT_Provisioning/DA/Config path.
...
Open Trusted Package Creator and select H5
Open Obkey tab
Select the DA_ConfigWithPassword.xml file
Update the password if needeedneeded
Supported operations by FlashPro-ARM
1. Lifecycle and provisioning with password management using FlashPro-ARM
Open FlashPro-ARM
Select STM32H563/573 mcuMCU
...
Open Setup->Memory Protection tabdialog
Go to lifecycle Lifecycle management tab
Check “Set product state enable” boxcheckbox
Set finale product state
...
Use “DA/PROV” button (this step is not necessaryoptional, but however without password management operation will not perform and full regregresion can't be possible after out from provisioning , full regression is not possible after moving to a higher lifecycle state)
Check “Enable provisioning” box“Enable” box in “Protection files” tab
Use “Browse” button to set path to *.obk file, generated by Trusted Package Creator
Press “Ok” button in STM32 Debug authentication tab
...
Press “Ok” button in Memory Protection tab
Check Memory protection Protection Enable box in the Main GUI
...
Now after use “Auto Prog” or “Lock device” button Afterwards use “AUTO PROG” or “Lock Device” buttons in the FlashPro-ARM programmer to put mcu MCU to selected state and perform password management operation.
2. Full Regression
To perform full regression operation is needeed , a *.bin file is needed with a stored password used to genered generate an *.obk file in STM32 the Trusted Package Creator tool , wchich was needeed (The Trusted Package Creator was needed to perform provisioning with the password management operation).
Example of password.bin file is provided in the STM32CubeFW_H5 example. File located in/Projects/NUCLEO-H563ZI/ROT_Provisioning/DA/Config path.
To perform full regression:
Open FlashPro-ARM
Select STM32H563/573 mcuMCU
Open Setup->Memory Protection tab
Go to lifecycle management tab
Use “DA/PROV” button
Check “Enable password” box“Password regression” box in “Unlock files” tab
Use “Browse” button to set path to *.bin file, with password used to generate *.obk file
Press “Ok” button in STM32 Debug authentication tab
...
Press “Ok” button in Memory Protection tab
Press “Clear locked device” Locked Device” button
After opertion mcu operation completes, the MCU is back to “Open” state.
3. Discover operation
Discover operation allow allows the user to read current mcu MCU state and provisioning status.
To perform the discover operation:
Open FlashPro-ARM
Select STM32H563/573 mcuMCU
Open Setup->Memory Protection tab
Go to lifecycle management tab
Use “Discover” button
In window “Debug Authentication” use “Discover” button to read information from “MCU”MCU
Device ID- id connected MCU
Life Cycle - current MCU state
Integrity status - provisiong status(0xeaeaeaea mean well provisioned, 0xf5f5f5f5 when provisiong fail, in Open state 0xf5f5f5f5 is normal value)
...
Useful links
Elprotronic ST Microelectronics programmer’s page
[1] Flash and Gang Programmers for ST Microelectronics
STMicroelectronics application notes and user manuals:
[1] ST wiki -How to start with DA access on STM32H573 and H563-TrustZone disabled
...