Skip to end of banner
Go to start of banner

Debug Authentication for STM32H563/573

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Introduction to lifecycle management on STM32H563/573 product lines via FlashPro-ARM programmer.

  • FlashPro-ARM programmer have full support for Debug authentication on STM32H563/573 product lines when TrustZone© is disabled.

  • All supported by STM32H563/573 mcu’s product states, provisioning with password management and full regression are supported by FlashPro-ARM programmer.

Preparing necessary files

To perform provisioning with password management opertion *.obk file is needeed generated by STM32 Trusted Package Creator tool. . This file is used to configure the conditions to perforn regression of mcu. without it full regression is not possible.

Example of file is provided in the STM32CubeFW_H5 example. Trusted Package Creator will be used to setup this file using the DA_ConfigWithPassword.xml as input located in/Projects/NUCLEO-H563ZI/ROT_Provisioning/DA/Config path.

To generate a customized configuration file, proceed as follows:

  • Open Trusted Package Creator and select H5

  • Open Obkey tab

  • Select the DA_ConfigWithPassword.xml file

  • Update the password if needeed

Supported operations by FlashPro-ARM

1. Lifecycle and provisioning with password management using FlashPro-ARM

  • Open FlashPro-ARM

  • Select STM32H563/573 mcu

  • Open Setup->Memory Protection tab

  • Go to lifecycle management tab

    • Check “Set product state enable” box

    • Set finale product state

  • Use “DA/PROV” button(this step is not necessary, but without password management operation will not perform and full regregresion can't be possible after out from provisioning state)

    • Check “Enable provisioning” box

    • Use “Browse” button to set path to *.obk file, generated by Trusted Package Creator

    • Press “Ok” button in STM32 Debug authentication tab

  • Press “Ok” button in Memory Protection tab

  • Check Memory protection Enable box

Now after use “Auto Prog” or “Lock device” button FlashPro-ARM programmer put mcu to selected state and perform password management operation.

2. Full Regression

To perform full regression operation is needeed *.bin file with stored password used to genered *.obk file in STM32 Trusted Package Creator tool, wchich was needeed to perform provisioning with password management operation.
Example of password.bin file is provided in the STM32CubeFW_H5 example. File located in/Projects/NUCLEO-H563ZI/ROT_Provisioning/DA/Config path.

  • Open FlashPro-ARM

  • Select STM32H563/573 mcu

  • Open Setup->Memory Protection tab

  • Go to lifecycle management tab

  • Use “DA/PROV” button

    • Check “Enable password” box

    • Use “Browse” button to set path to *.bin file, with password used to generate *.obk file

    • Press “Ok” button in STM32 Debug authentication tab

  • Press “Ok” button in Memory Protection tab

  • Press “Clear locked device” button

After opertion mcu back to “Open” state.

3. Discover operation

Discover operation allow to read current mcu state and provisioning status.

  • Open FlashPro-ARM

  • Select STM32H563/573 mcu

  • Open Setup->Memory Protection tab

  • Go to lifecycle management tab

  • Use “Discover” button

    • In window “Debug Authentication” use “Discover” button to read information from MCU

      • Device ID- id connected MCU

      • Life Cycle - current MCU state

      • Integrity status - provisiong status(0xeaeaeaea mean well provisioned, 0xf5f5f5f5 when provisiong fail, in Open state 0xf5f5f5f5 is normal value)

STMicroelectronics application notes and user manuals:

[1] ST wiki -How to start with DA access on STM32H573 and H563-TrustZone disabled

[2] ST wiki -Debug Authentication STM32H5 How to Introduction

[3] UM2238 - STM32 Trusted Package Creator tool software description

  • No labels