ST STM32CubeL5 User Manual
UM2745
User manual
STM32CubeL5 TFM security guidance for SESIP profile for Arm PSA Level 2 chip
Introduction
This document describes how to prepare STM32L5 microcontrollers to make a secure system solution compliant with SESIP Profile for PSA L2 using the STM32Cube_FW_L5_V1.1.0 SW package.
The STM32L562E-DK board (integrating an STM32L5 microcontroller) is used as the HW vehicle to implement / test a non-secure application using secure services, but it does not bring any additional security mechanism.
The security guidance described in this document is applicable to any board based on STM32L5 microcontrollers.
UM2745 - Rev 1 - July 2020
www.st.com
For further information contact your local STMicroelectronics sales office.
Summary of Contents for ST STM32CubeL5

  • Page 2: General Information

    List of acronyms (descriptions only; the acronym column was lost in extraction): Memory protection unit; Platform security architecture, a framework for securing devices; Root of trust; Secure boot and secure firmware update. In the STM32CubeL5 this is the name of the TF-M based application, SBSFU, with secure boot and secure firmware update functionalities only.
  • Page 3: General Information (continued)

    List of acronyms (continued): Write protection.
  • Page 4: Reference Documents

    STM32L5 reference manual – Rev 5; [TFM_RC2_RM] Open Source TF-M reference manual v1.0RC2; [UM2656] Getting started with STM32CubeL5 for STM32L5 Series – Rev.1; [AN4992] Overview secure firmware install (SFI) – Rev.7; [UM2237] STM32CubeProgrammer software description user manual – Rev 11; [UM2671] Getting started with STM32CubeL5 TFM application –...
  • Page 5: Preparative Procedures

    User Flash. The software package can be downloaded directly from STMicroelectronics. Note that it is the responsibility of the integrator to choose the correct STM32CubeL5 package version. • How to accept an STM32L5 microcontroller: by reading, with STM32CubeProgrammer (for more details, refer to...
  • Page 6: Secure Installation and Secure Preparation of the Operational Environment (AGD_PRE.1.2C)

    Copy the STM32Cube_FW_L5_V1.1.0 SW package onto your Windows host hard disk at the following location: “C:\data”. Development toolchains and compilers: TFM tests will be done using STM32CubeIDE projects delivered in the STM32CubeL5 SW package, so the STM32CubeIDE tool (version: 1.2.0.19w47 Build: 4750_20191121_1215 or version: 1.2.0 Build: 5034_20300108_0926) shall be installed on the host.
  • Page 7: Secure Installation

    Software tools for programming STM32 microcontrollers: STM32CubeProgrammer V2.2.0 (STM32CubeProg) is an all-in-one multi-OS software tool for programming STM32 microcontrollers. It provides an easy-to-use and efficient environment for reading, writing and verifying device memory through both the debug interface (JTAG and SWD) and the bootloader interface (UART and USB).
  • Page 8: Figure 1. STM32CubeProgrammer Connection Menu

    Step1: Connection: Menu Target / Connect with Hot plug mode selected. Figure 1. STM32CubeProgrammer connection menu. Step2: Option bytes settings: Menu Target / Option bytes. On a virgin chip, the following Option byte values shall be set: •...
  • Page 9: Figure 2. STM32CubeProgrammer Option Bytes Screen (RDP, DBANK and SRAM2_RST)

    Figure 2. STM32CubeProgrammer Option bytes screen (RDP, DBANK and SRAM2_RST). Figure 3. STM32CubeProgrammer Option bytes screen (TZEN and SECBOOTADD0).
  • Page 10: Figure 4. STM32CubeProgrammer Erasing

    Step3: Erase chip: Menu Target / Erase Chip. Figure 4. STM32CubeProgrammer erasing. Step4: Disconnect: Menu Target / Disconnect. Figure 5. STM32CubeProgrammer disconnect.
  • Page 11: Application Compilation Process

    3.3.2 Application compilation process. With STM32CubeIDE, build the 3 TFM related projects (refer to Figure 6. STM32CubeIDE TFM projects) provided in the STM32Cube_FW_L5_V1.1.0 SW package (strictly following the order described hereafter): • TFM_SBSFU project compilation: \Projects\STM32L562E-DK\Applications\TFM\TFM_SBSFU\ In the context of security certification, the TFM_SBSFU project shall be compiled in “production mode”...
  • Page 12: SW Programming into STM32L5 Chip Internal Flash Memory

    • TFM_Appli secure project compilation: \Projects\STM32L562E-DK\Applications\TFM\TFM_Appli\ – Build \TFM_Appli\STM32CubeIDE\Project_s.uvprojx – Check the TFM_Appli secure binary is generated (\TFM_Appli\STM32CubeIDE\STM32L562E-DISCO_TFM_Secure\Debug\STM32L562E-DISCO_TFM_Secure.bin) – Check the TFM_Appli secure signed binary is generated (TFM_Appli\Binary\tfm_s_sign.bin) • TFM_Appli non-secure project compilation: \Projects\STM32L562E-DK\Applications\TFM\TFM_Appli\ – Build \TFM_Appli\STM32CubeIDE\Project_ns.uvprojx –...
  • Page 13: Figure 7. STM32L5 User Flash Memory Mapping

    Figure 7. STM32L5 User Flash memory mapping (figure residue; recoverable labels only): Non secure area / Secure area. Non-secure image secondary slot, Area 3 (72 KB), FLASH_AREA_3_OFFSET: 0x0C06E000; Area 2 (144 KB), FLASH_AREA_2_OFFSET: 0x0C04A000; Area 1...
  • Page 14: Configuring STM32L5 Static Security Protections

    • Step3: TFM_SBSFU binary at Flash memory address FLASH_AREA_PERSO_OFFSET. 3.3.4 Configuring STM32L5 static security protections. Static security protections in STM32L5 option bytes are configured by means of the STM32CubeProg tool through the following 3 steps: Step1: Connection: Menu Target / Connect with Hot plug mode selected. Figure 9.
  • Page 15: Figure 10. STM32CubeProgrammer Option Bytes Screen (RDP L1)

    Figure 10. STM32CubeProgrammer option bytes screen (RDP L1). Figure 11. STM32CubeProgrammer option bytes screen (HDP, BOOT_LOCK).
  • Page 16: Tera Term Connection Preparation Procedure

    ST-LINK disable: The security mechanisms managed by TFM_SBSFU forbid JTAG connection (interpreted as an external attack). The ST-LINK must be disabled to establish a Tera Term connection. The following procedure applies from ST-LINK firmware version V2J29 onwards: Power cycle the board after flashing binaries (unplug/plug the USB cable and remove the jumper on the STM32L562E-DK board).
  • Page 17: Tera Term Launch

    Figure 13. Jumper to remove on STM32L562E-DK board. 3.4.2 Tera Term launch: The Tera Term launch requires that the port is selected as COMxx: STMicroelectronics STLink Virtual COM port. The figure hereafter illustrates an example based on the selection of port COM44. Figure 14.
  • Page 18: Figure 15. Tera Term Setup Screen

    Figure 15. Tera Term setup screen. Note: After each plug / unplug of the USB cable, the Tera Term Serial port setup menu may have to be validated again to restart the connection. Press the Reset button to display the welcome screen. The virtual COM port is used to log information;...
  • Page 19: Operational User Guidance

    STMicroelectronics. The integrator has full access to the source code delivered in the STM32CubeL5 SW package, has full access to the STM32L5 chip security features (the STM32L5 IC is delivered in virgin state without any security features activated) that will be integrated on its board, and has full access to the tools needed to program the TOE.
  • Page 20 Follow the procedures described in Section 3.1 Secure acceptance to check whether you use the TOE in the certified configuration. The certified configuration of the TOE could be impacted when changing some parts of the TOE, but could also be impacted when changing some parts located outside the TOE scope.
  • Page 21: Figure 18. Integrator Minimum Customizations

    Instance ID (sha256 of public EAT key - unique per chip). Figure 18. Integrator minimum customizations (figure residue; recoverable labels only): Non secure area / Secure area, ST TFM application example, Non-secure image secondary slot, Area 3...
  • Page 22: Figure 19. Integrator Personalized Data In Source Code

    Figure 19. Integrator personalized data in source code. Figure 20. Integrator personalized data in TFM_SBSFU binary (huk_value example). The flexibility for an integrator to personalize the “Integrator Perso data” binary data without compromising the TOE security falls within the scope of this evaluation and remains the certified configuration.
  • Page 23: Available Interfaces and Method of Use (AGD_OPE.1.2C & AGD_OPE.1.3C)

    Secure Storage size change: The integrator can also choose to change the size of the secure storage areas located in the TOE (size of the Protected Storage area used by the Protected Storage API of the TOE and/or size of the Internal Trusted Storage area used by the Internal Trusted Storage API).
  • Page 24 • Always initialize/clear allocated memory – do not rely on uninitialized data, to prevent leakage of residual information. • The API extension shall not modify any global system variables. It is permitted to use only local private variables and memory allocated/mapped by the API extension itself, and care must be taken not to reveal sensitive system variable values (i.e. keys).
  • Page 25: Figure 21. Secure Image Secondary Slot Region Mapping

    Figure 21. Secure image secondary slot region mapping (figure residue; recoverable labels only): Non secure area / Secure area. Non-secure image secondary slot, Area 3 (72 KB), FLASH_AREA_3_OFFSET: 0x0C06E000; Area 2 (144 KB), FLASH_AREA_2_OFFSET: 0x0C04A000...
  • Page 26: Figure 23. Non-Secure Image Secondary Slot Region Mapping

    Errors: The candidate image is not installed in the “Secure image primary” slot in case of the following errors: • Version dependency failure: version of the secure image not consistent with the version of the non-secure image. The candidate image is not installed in the “Secure image primary”...
  • Page 27: Figure 24. Non-Secure Image Format

    To use the Non-Secure image secondary slot, data shall be written in the correct format in the Non-Secure image secondary slot area, as illustrated hereafter: Figure 24. Non-secure image format. Parameters: Candidate image written in the “Non-Secure image secondary” slot. Actions: At each product reset, the TOE (TFM_SBSFU application) checks if a new Non-Secure image has been pre-loaded by the non-secure application in the “Non-Secure image secondary”...
  • Page 28 The non-secure application interacts with the secure application via the standard PSA APIs, as described in the Open Source documents [PSA_ST_API], [PSA_CRYPTO_API] and [PSA_ATTESTATION_API], which describe each PSA API. As an example, the psa_cipher_decrypt API is illustrated hereafter: Method of use: Call the following function.
  • Page 29: Security-Relevant Events (AGD_OPE.1.4C)

    JTAG interface: Standard JTAG with SWD interface allows debugging of the TOE and integrator application. It is used according to [IEE1149] and [ADI5]. The JTAG interface can be used by the integrator in a secure environment during the product manufacturing phase (STM32L5 internal flash programming, STM32L5 security configuration), but the JTAG interface shall be disabled at least for the secure part (automatically blocked when setting RDP level >=0.5 in STM32L5 option bytes) as soon as the product leaves the secure manufacturing area.
  • Page 30: Security Measures (AGD_OPE.1.6C)

    • PSA APIs violation: Any calls to PSA APIs go through a secure/privileged fixed entry point managed by the TOE. The TOE secure/privileged entry point controls the access to each TF-M Secure Partition, from the non-secure application or from the secure/non-privileged services, by checking the validity of the parameters of any operation requested.
  • Page 31: Modes of Operation (AGD_OPE.1.5C)

    In order to achieve TOE_PERSONALIZATION, the following measures shall be taken: • As described in section TOE specific information personalization, Section 4.2.1 User-accessible functions and privileges (AGD_OPE.1.1C), some TOE immutable data are unique per product (EAT public key, EAT private key and HUK).
  • Page 32: Revision History

    Table 2. Revision history: Date 13-Jul-2020 | Revision 1 | Changes: Initial release.
  • Page 33: Table Of Contents

    ST-LINK disable
  • Page 34: List Of Tables

    List of tables: Table 1. List of acronyms (page 2); Table 2.
  • Page 35: List Of Figures

    List of figures: Figure 1. STM32CubeProgrammer connection menu (page 8); Figure 2.
  • Page 36 ST’s terms and conditions of sale in place at the time of order acknowledgement. Purchasers are solely responsible for the choice, selection, and use of ST products and ST assumes no liability for application assistance or the design of Purchasers’...