Secure Bootloader
Problem SolvedUnleash your STM32-based IoT device or embedded system with our new second-generation V2 Secure Bootloader and Firmware Update solution with delta patching, multi-segment and SPI flash capability. Get state of the art security, application integration, build-system integration, APIs, full source code and support, faster and for less cost than if you did it yourself. |
Secure Bootloader IoT Device Internal Flash Layout (V2)![]() |
Features
|
Benefits
|
Pricing
Sample API
// Initialize the patching engine in preparation for update.
uint32_t SFU_APP_Init(uint32_t uFileSize);
// Supply patch data to the patching engine.
// Data can be supplied in chunks of any size to adapt to any
// OTA download method.
uint32_t SFU_APP_Data(uint8_t *pData, uint32_t uSize);
// Complete the patching operation.
uint32_t SFU_APP_Finish();
// Get the currently installed firmware version.
SE_ErrorStatus SE_APP_GetActiveFwInfo(SE_StatusTypeDef *peSE_Status, SE_APP_ActiveFwInfo *p_FwInfo);
Deliverables
- Git project (re)structured appropriately.
- SBSFU application, this is the bootloader executable.
- SECORE application, this the secure core and patching engine, hosted inside the bootloader but built separately.
- TestApp application, a sample application that demonstrates bootloader functionality.
- Your application, suitably modified as you require to work seamlessly with the bootloader and the patching engine.
- Python tool to generate the secure firmware patch for distribution, and the bootloader+application combined image for manufacturing.
- Integration of the Python tool into your build system.
- Support for ensuring update APIs work with your OTA update strategy, or implementation of your selected OTA update strategy (cellular, LoRaWAN, USB flash drive, Contactless NFC, custom).
See the bootloader in action in this demonstration.
The Fine Print
- Actual delta patch compression ratio depends on application program structure and number of differences between versions.
- Secure root of trust must be established by enabling RDP Level 2 at time of production.
- Device must have enough internal flash space to hold two complete copies of the application firmware (now and projected), and secure bootloader (50K typical but varies with features and target sector sizes).
- Integration requires access to repository in GitHub or Bitbucket or similar Git-based version control system.
- A UART debug port should be available on your device to help verify and validate the bootloader operation.
- Organizations based in Canada are charged 5% GST.
- Components licensed under ST Ultimate Liberty license and Firmware Modules Commercial license. The bootloader may only be distributed on ST devices and in binary form on devices you make.
- You get support for the life of your product. That's right - if there's something wrong with the bootloader or FOTA update system, keep us in the loop.