Debug Authentication for STM32H503
Introduction to lifecycle management on STM32H503 product lines using FlashPro/GangPro-ARM programmer.
FlashPro-ARM and GangPro-ARM programmers have full support for Debug authentication on STM32H503 product lines
All STM32H503 MCU product states are supported, including provisioning with password management and full regression.
Preparing necessary files using STM32CubeMX
To perform provisioning with password management , the *.bin file with password or password HASH is needed.
Example files are provided in the STM32CubeFW_H5 provided by STM, located in /Projects/NUCLEO-H503RB/ROT_Provisioning/DA/
password.bin - file with password
Board_password.bin -HASH of user password
It is also possible to hand-type a password in the FlashPro-ARM software security configuration utility.
Supported operations by FlashPro/GangPro-ARM
1. Lifecycle and provisioning with password management
Open FlashPro-ARM or GangPro-ARM software
Select STM32H503 MCU
Open Setup->Memory Protection dialog
Go to Lifecycle management tab
Check “Set product state enable” checkbox
Set finale product state
Use “DA/PROV” button (this step is optional, however without password management, full regression is not possible after moving to a higher lifecycle state). The password cannot be updated after provisioning.
Set source of password of hash file
file with password hash(Hash file option)
file with password(Password file option)
type password from keybord(User Password option
After type source password Press “Ok” button in STM32 Debug authentication tab
Press “Ok” button in Memory Protection tab
Check Memory Protection Enable box in the Main GUI
Afterwards use “AUTO PROG” or “Lock Device” buttons in the Main GUI to put MCU to selected state and perform password management operation.
2. Full Regression
To perform full regression, a *.bin file with a password is needed
Example of password.bin file is provided in the STM32CubeFW_H5 example. File located in/Projects//Projects/NUCLEO-H503RB/ROT_Provisioning/DA/password.bin
To perform full regression:
Open FlashPro-ARM or GangPro-ARM software
Select STM32H503 MCU
Open Setup->Memory Protection tab
Go to lifecycle management tab
Use “DA/PROV” button
set of password source
file with password hash(Hash file option)
file with password(Password file option)
to unlock device in this step cannot pick hash option.
Press “Ok” button in Memory Protection tab
Press “Clear Locked Device” button
After operation completes, the MCU is back to “Open” state and flash memory is erase.
3. Discover operation
Discover operation allows the user to read current MCU state and provisioning status.
To perform the discover operation:
Open FlashPro-ARM or GangPro-ARM software
Select STM32H503 MCU
Open Setup->Memory Protection tab
Go to lifecycle management tab
Use “Discover” button
In window “Debug Authentication” use “Discover” button to read information from MCU
Device ID- id connected MCU
Life Cycle - current MCU state
Integrity status - provisioning status(in STM32H503xx is always 0xFFFFFFFF)
Useful links
Elprotronic ST Microelectronics programmer’s page
[1] Flash and Gang Programmers for ST Microelectronics
STMicroelectronics application notes and user manuals:
[1] Debug authentication for STM32H503 product lines
[2] How to start with DA access on STM32H503