STM32 Secure Patching Bootloader
STM32 Secure Patching Bootloader
The STM32 Secure Patching Bootloader is a pre-built and made-to-order bootloader and firmware update system suitable for most STM32-based products and applications.
This solution offers these key advantages over other solutions (open source or commercial):
* Wraps firmware update binaries with encryption and digital signatures so you can deploy your product/solution into uncontrolled environments.
* Ability to update your product in the field with patches containing only the difference between the firmware on the device and the updated version. Patching is optional and full-size update images are always generated.
* Ability to seemlessly update TouchGFX applications by wrapping GUI assets on external flash into the same update (and patch) binaries.
* Ability to update from a USB flash stick from the bootloader.
* Supports "git" semantic versioning natively so you can version your application automatically with git tags in your development repository.
To support your product development efforts we have made available ready-to-use libraries and reference projects for many popular STM32 Nucleo and Discovery boards at our GitHub repository.
When you're ready to deploy our stm32-secure-patching-bootloader solution to your custom product design, contact us to request a stm32-secure-patching-bootloader, based on the Nucleo or Discovery board you evaluated it on, customized just for you.
- Dual slot architecture (SLOT0 -active, SLOT1 - download) for reliable updates every time.
- Can support external flash for placement of encrypted update content in SLOT1 to give your application more internal flash if needed.
- Encrypted and signed firmware update images (and patches).
- Delta Patch Engine -automatic patch generation (in tools) and application (in bootloader). Both patch files and full-image files are generated each build where possible.
- Multiple application firmware update methods, from the bootloader, where hardware permits: UART or USB flash stick.
- In-application (IAP) and over-the-air (OTA) update support from within the application at runtime via easy to use API. This supports most update methods your application may require including over cellular, LoRaWAN, ethernet, Bluetooth, etc.
- Pre-built bootloader binary - nothing to build, it just works out of the box.
- Ready-to-go firmware image preparation scripts for Python including secure patch generation.
- Can deploy and update TouchGFX applications through automatic combination of application and external flash GUI assets into a single secured update file. The bootloader automatically distributes the content to the appropriate destination (internal or external flash segments). Dual slot reliability is also retained.
- Designed for STM32CubeIDE. Works with latest 1.10.1 version.
- 64-bytes uninitialized area reserved at start of RAM for user application requirements such as fault info reporting (optional for your application).
- 128-byte reserved OTP area for secure identity provisioning (optional for your application).
- Reserves up to 80 KB at start of internal flash for bootloader binary.
- Reserves ~6 KB at start of SRAM for runtime services including obtaining bootloader and application versions and access to secure patching engine for in-application firmware update.
The solution has a free development edition for supported NUCLEO, DISCO and EVAL boards. Refer to our GitHub Repository to setup and use our bootloader system with one of these platforms.
If you are launching a commercial product or project with custom hardware, consider supporting us by registering the STM32 Secure Patching Bootloader.
Registered users of the STM32 Secure Patching Bootloader get:
- Bootloader library customized for your platform (for example: flash layout, clock configuration, UART I/O configuration, external flash support is determined by your specifications).
- Dedicated personalized support through email.
- License to use your custom bootloader binary and build system tools for an unlimited number of units for one product line/board configuration (enforced by bootloader's board-specific build-time configuration).
After contacting us for registration we will get you a short questionnaire to fill out with your specific STM32 Secure Patching Bootloader configuration needs.
While we offer a comprehensive Quick Start Guide for your development team to reference while performing the bootloader integration into your application and build system, some customers prefer us to handle it. We charge $1000 CAD for the bootloader integration service above our standard $5000 customization fee. For as little as $6000 you can have your product's core bootloader and firmware update system solved with minimal allocation of internal developer resources. Quite a bargain!
Our STM2 Secure Patching Bootloader Customization Questionnaire
|MCU Part Number
Clock Source: HSE? Speed?
(Note: HSE is optional in projects without USB)
|HSE=YES,24 MHZ HSE=NO
Internal Flash Allocation
All remaining, or
Diagnostic UART Parameters (115200,N,8,1 default)
External Flash YES/NO and Part Number
* Requires External Flash Registration
YES - MX25LM51245G
CLK - PA7, CS - PA8, MISO - PA9, MOSI - PA10
* YES only valid if External Flash is YES
* Specify start of (Q)(O)SPI memory mapped address
* Specify start address of SLOT0 extension (SEG1) and length
0x90002000 (leaves 8K at start of QSPI flash)