Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Introduction to lifecycle management on STM32H563/573 product lines via using FlashPro-ARM programmer.

  • FlashPro-ARM programmer have has full support for Debug authentication on STM32H563/573 product lines when TrustZone© is disabled.

  • All supported by STM32H563/573 mcu’s MCU product states are supported, including provisioning with password management and full regression are supported by FlashPro-ARM programmer.

...

Preparing necessary files

To perform provisioning with password management opertion , the *.obk file is needeed needs to be generated by STM32 Trusted Package Creator tool. . This file is used to configure the conditions required to perforn preform regression of mcu. without it MCU. Without the password file, full regression is not possible.

Example of file is provided in the STM32CubeFW_H5 example provided by ST. The Trusted Package Creator will be used to setup set up this file using the DA_ConfigWithPassword.xml as input located in/Projects/NUCLEO-H563ZI/ROT_Provisioning/DA/Config path.

...

  • Open Trusted Package Creator and select H5

  • Open Obkey tab

  • Select the DA_ConfigWithPassword.xml file

  • Update the password if needeedneeded

Supported operations by FlashPro-ARM

1. Lifecycle and provisioning with password management using FlashPro-ARM

  • Open FlashPro-ARM

  • Select STM32H563/573 mcuMCU

...

  • Open Setup->Memory Protection tabdialog

  • Go to lifecycle Lifecycle management tab

    • Check “Set product state enable” boxcheckbox

    • Set finale product state

...

  • Use “DA/PROV” button (this step is not necessaryoptional, but however without password management operation will not perform and full regregresion can't be possible after out from provisioning , full regression is not possible after moving to a higher lifecycle state)

    • Check “Enable provisioning” box“Enable” box in “Protection files” tab

    • Use “Browse” button to set path to *.obk file, generated by Trusted Package Creator

    • Press “Ok” button in STM32 Debug authentication tab

...

image-20240523-115620.pngImage Added

  • Press “Ok” button in Memory Protection tab

  • Check Memory protection Protection Enable box in the Main GUI

...

Now after use “Auto Prog” or “Lock device” button Afterwards use “AUTO PROG” or “Lock Device” buttons in the FlashPro-ARM programmer to put mcu MCU to selected state and perform password management operation.

2. Full Regression

To perform full regression operation is needeed , a *.bin file is needed with a stored password used to genered generate an *.obk file in STM32 the Trusted Package Creator tool , wchich was needeed (The Trusted Package Creator was needed to perform provisioning with the password management operation).
Example of password.bin file is provided in the STM32CubeFW_H5 example. File located in/Projects/NUCLEO-H563ZI/ROT_Provisioning/DA/Config path.

To perform full regression:

  • Open FlashPro-ARM

  • Select STM32H563/573 mcuMCU

  • Open Setup->Memory Protection tab

  • Go to lifecycle management tab

  • Use “DA/PROV” button

    • Check “Enable password” box“Password regression” box in “Unlock files” tab

    • Use “Browse” button to set path to *.bin file, with password used to generate *.obk file

    • Press “Ok” button in STM32 Debug authentication tab

...

image-20240523-115747.pngImage Added

  • Press “Ok” button in Memory Protection tab

  • Press “Clear locked device” Locked Device” button

After opertion mcu operation completes, the MCU is back to “Open” state.

3. Discover operation

Discover operation allow allows the user to read current mcu MCU state and provisioning status.

To perform the discover operation:

  • Open FlashPro-ARM

  • Select STM32H563/573 mcuMCU

  • Open Setup->Memory Protection tab

  • Go to lifecycle management tab

  • Use “Discover” button

    • In window “Debug Authentication” use “Discover” button to read information from “MCU”MCU

      • Device ID- id connected MCU

      • Life Cycle - current MCU state

      • Integrity status - provisiong status(0xeaeaeaea mean well provisioned, 0xf5f5f5f5 when provisiong fail, in Open state 0xf5f5f5f5 is normal value)

...

Useful links

Elprotronic ST Microelectronics programmer’s page

[1] Flash and Gang Programmers for ST Microelectronics

STMicroelectronics application notes and user manuals:

[1] ST wiki -How to start with DA access on STM32H573 and H563-TrustZone disabled

...