External Flash Memories - ST STM32C0 Series Application Note


Code execution
The part of the firmware that requires faster performance can be downloaded from the user or the external flash
memory, and executed from the SRAM. Another reason to execute code from the SRAM is when using encrypted
external flash memory on devices without on-the-fly decryption: the code is decrypted inside the SRAM before
its execution. Appropriate memory protections must then be enabled on the SRAM address range containing the
code. When no code must be executed in the SRAM, it is advised to prevent any malware execution by setting
the appropriate attribute (execute never) with the MPU.
Associated protections: MPU or firewall
SRAM cleaning
The SRAM can contain sensitive data or temporary values from which secrets can be retrieved. A typical example
is the transfer of a secret cryptographic key, in clear text, from a protected flash memory area into the SRAM.
It is highly recommended to explicitly clean the working buffers and variables immediately after the processing of
functions manipulating sensitive data.
Note:
In case of reset, the STM32 MCUs allow the automatic erase of the SRAM (refer to the reference manual). For
some devices, part of the SRAM is protected against external access or untrusted boot (SRAM boot) when the
RDP is set.
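The cleaning step recommended above, sketched in C as an added example (it is not code from the application note). The key bytes are constructed, and flash_key, toy_cipher, secure_wipe, process_with_key and the other names are hypothetical; toy_cipher only stands in for a real cryptographic routine.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed sample key standing in for a secret kept in protected flash. */
static const uint8_t flash_key[16] = { 0x10, 0x32, 0x54, 0x76, 0x98, 0xBA,
    0xDC, 0xFE, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };

/* Volatile stores: a plain memset() of a buffer never read again may be
 * removed by the optimizer as a dead store, leaving the secret in SRAM. */
void secure_wipe(void *buf, size_t len)
{
    volatile uint8_t *p = (volatile uint8_t *)buf;
    while (len--) *p++ = 0;
}

/* Hypothetical stand-in for the real cipher: XOR the data with the key. */
static void toy_cipher(const uint8_t *key, uint8_t *data, size_t len)
{
    for (size_t i = 0; i < len; i++) data[i] ^= key[i % sizeof flash_key];
}

/* Copy the key into an SRAM work buffer, use it, then wipe the whole buffer.
 * Returns 0 on success, -1 on unusable arguments (key is never copied). */
int process_with_key(uint8_t *work, size_t work_len, uint8_t *data, size_t len)
{
    if (!work || !data || work_len < sizeof flash_key) return -1;
    memcpy(work, flash_key, sizeof flash_key); /* key now in clear in SRAM */
    toy_cipher(work, data, len);
    secure_wipe(work, work_len);               /* clean right after use */
    return 0;
}

/* Number of non-zero bytes left in a buffer; 0 means nothing remains. */
size_t residual_bytes(const uint8_t *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++) n += (buf[i] != 0);
    return n;
}

/* Self-check: 1 when the output is correct and no key bytes stay in SRAM. */
int demo_wipe_ok(void)
{
    uint8_t work[32], data[4] = { 0, 0, 0, 0 };
    memset(work, 0xA5, sizeof work);
    if (process_with_key(work, sizeof work, data, sizeof data) != 0) return 0;
    return data[0] == 0x10 && data[3] == 0x76 && residual_bytes(work, sizeof work) == 0;
}

int main(void) { return demo_wipe_ok() ? 0 : 1; }
```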
Write protection
The write protection can be used to protect part of the memory from being corrupted by another process, or
to prevent an overflow attack. An overflow attack consists of writing more data than the targeted buffer
size (during a data transfer through interface ports for example). If no boundary checks are performed, the
memory above the buffer is corrupted, and malware can be injected this way. This protection
is only featured by the SRAM regions, which are used primarily for code execution (this protection is not
practical for data). The SRAM write protection is available for SRAM2 region on some STM32 MCUs only
(refer to Section 6.1 Overview of security features and to the reference manual).
Associated protections: MPU, TrustZone, or SRAM write protection (available on some STM32 devices only)
Parity check and ECC
The parity check on the SRAM allows the control of potential errors word-by-word (32 bits). One extra bit per byte
is added to the memory content (data bus width is 36 bits) to increase its robustness, as required for instance
by Class B or SIL norms. ECC is more sophisticated, with SECDED functionality, but only available for SRAM on
certain MCU devices. Integrity protections based on redundancy often cannot be disabled.

4.4.4 External flash memories

The external flash memories are connected to the microcontroller through dedicated interfaces (NAND, NOR,
Octo-SPI, or Quad-SPI). Like the embedded flash memory, the external ones contain code and data, but the
external storage raises the problem of confidentiality (content protection) and authentication (device protection).
The hardware protection is limited to a write lock, to avoid content erasing or modification. Further protection is
brought by cryptographic algorithms. The content must be at least signed to avoid execution of unauthenticated
firmware. Encryption is required only if the content is confidential.
The embedded code can be either executed in-place or loaded into the SRAM before execution. Execution
in-place of encrypted firmware is possible only if the device has on-the-fly decryption capabilities. In the other
case, the firmware must be decrypted when loaded into SRAM. If the decrypted code or parts of it are not
protected from readout (RDP2), then the confidentiality of the code is violated. It is also recommended to combine
encryption with integrity protection.
Associated protection: OTFDEC
AN5156 - Rev 8
