ST STM32U5 Series User Manual page 13

JTAG/SWD debug interface
The standard JTAG/SWD interface allows debugging of the TOE and the Integrator application. It is used
according to [IEEE1149]
disabled. If the OEM2KEY is provisioned, the JTAG/SWD interface remains enabled on reset to inject the
OEM2KEY as part of the regression request to RDP level 1.
Method of use:
• JTAG/SWD physical link to transport OEM2KEY value
Parameters:
• OEM2KEY stored in FLASH_OEM2KEYRx registers. Refer to OEM2 RDP lock mechanism subsection in
Section 7.6.2 of
Actions:
• Inject the OEM2 password through JTAG/SWD under reset.
• If the received value is identical to the programmed OEM2KEY value, the hardware starts a regression to
RDP level 1.
Errors:
• RDP level remains set to level 2 when provided OEM2KEY value was wrong.
True random number generation
The platform includes an RNG peripheral compliant with NIST SP800-90B recommendations. When the platform
is not running, the application must use this peripheral to generate true random numbers.
Method of use:
• The firmware interacts with the hardware True RNG through a bank of memory-mapped registers.
Parameters:
• Refer to
Actions:
• Refer to
• Refer to
• Refer to
• Refer to
Errors:
• Refer to [RM_U5]
Cryptographic functions interface
The platform provides the application with a set of hardware peripheral registers to access cryptographic
operations and cryptographic key store resources. Some of those cryptographic operations are protected against
side-channel attacks (AES, modular exponentiation, signature, ECC scalar multiplication).
Method of use:
• The firmware interacts with the hardware SAES and PKA through a bank of memory-mapped registers,
and the embedded RAM in the PKA peripheral.
Parameters:
• Refer to
• Refer to
• Refer to
Actions:
• Refer to SAES
• Refer to PKA
Errors:
• Refer to
• Refer to
UM3387 - Rev 1
and [IHI0031]. When RDP is Level 2 (certified configuration), all debug features are
[RM_U5] or [RM_WBA5].
[RM_U5] Section 48.7 (resp.
[RM_U5] Section 48.3.4 (resp.
[RM_U5] Section 48.3.5 (resp.
[RM_U5] Section 48.3.8 (resp.
[RM_U5] Section 48.4 (resp.
Section 48.3.7 (resp. [RM_WBA5]
[RM_U5] Section 50.7 (resp.
[RM_U5] Section 53.7 (resp.
[RM_U5] Section 53.4 (resp.
[RM_U5] sections 50.4 and 50.5 (resp.
[RM_U5] sections 53.3 and 53.6 (resp.
[RM_U5] Section 50.4.15 (resp.
[RM_U5] Section 53.3.7 (resp.
[RM_WBA5] Section 24.7) of RNG registers.
[RM_WBA5] Section 24.3.4) RNG initialization.
[RM_WBA5] Section 24.3.5) RNG operation.
[RM_WBA5] Section 24.3.8) RNG low-power use.
[RM_WBA5] Section 24.4) RNG interrupts.
Section 24.3.7) Error management.
[RM_WBA5] Section 26.8) SAES registers.
[RM_WBA5] Section 28.7) PKA registers.
[RM_WBA5] Section 28.4) PKA RAM parameters.
[RM_WBA5]
[RM_WBA5]
[RM_WBA5] Section 26.4.19) SAES error management.
[RM_WBA5] Section 28.3.7) PKA error management.
Operational user guidance
sections 26.4, 26.5, and 26.6)
sections 28.3 and 28.6)
UM3387
page 13/22