Secure Bootloader

Problem Solved

Unleash your STM32-based IoT device or embedded system with our new second-generation V2 Secure Bootloader and Firmware Update solution with delta patching, multi-segment and SPI flash capability.

Get state of the art security, application integration, build-system integration, APIs, full source code and support, faster and for less cost than if you did it yourself.

Secure Bootloader IoT Device Internal Flash Layout (V2)

Features

Image authentication with ECDSA.
Image encryption with AES.
Download and install patches containing only differences with new firmware.
Dual image capability. ³
Multi-Segment.
Supporting External SPI Flash.
Supports STM32Cube IDE.
Supports TouchGFX.
Includes firmware image preparation tool (requires Python).
Simple and easy to use firmware update APIs.
Ready to integrate firmware library and Python build tools provided.
Option for firmware update via USB flash drive in bootloader.

Benefits

Allows your product's firmware to be safely and securely updated in the field.
Prevents unauthorized 3rd parties from installing malicious firmware. ²
Dual Image update method offers robust and reliable in-field updates of your devices.
Delta patches offer smaller downloads reducing time-on-air costs like network access fees and battery consumption. ¹
Multi-Segment allows handling of application binaries located in discontinuous segments - for example application binary in MCU flash and application resources in external QSPI flash.
External SPI flash support allows for larger application binaries by freeing up the MCU internal flash for the application executable while maintaining dual-image robustness.
Get a tested and working solution up and running fast.

Product Flyer

Pricing

Our complete bootloader and firmware update system for any STM32 MCU and board combination is $5000 CAD.

Deliverables

Bootloader firmware binary and project integration reference design in GitHub.
Bootloader binary customized for your MCU and board.
Open source test application, a sample application that demonstrates bootloader functionality.
Python tool (full source) to generate the secure firmware patch for distribution, and the bootloader+application combined image for manufacturing.

See the bootloader in action in this demonstration.

The Fine Print

Actual delta patch compression ratio depends on application program structure and number of differences between versions.
Secure root of trust must be established by enabling RDP Level 2 at time of production.
Device must have enough internal flash space to hold two complete copies of the application firmware (now and projected), and secure bootloader (50K typical but varies with features and target sector sizes).
A UART debug port should be available on your device to help verify and validate the bootloader operation.
Organizations based in Canada are charged 5% GST.
Components licensed under ST Ultimate Liberty license and Firmware Modules Commercial license. The bootloader may only be distributed on ST devices and in binary form on devices you make.
You get support for the life of your product. That's right - if there's something wrong with the bootloader or FOTA update system, keep us in the loop.