Protecting Internet of Things (IoT) endpoints from malicious cyber threats has become a significant issue now as new devices are being plugged into the Internet of Things (IoT) at a rapid pace.
To guarantee greater security for connected devices like IoT endpoints and help manage their life-cycle, STMicroelectronics has launched the Expansion Software package for the STM32 microcontrollers.
The X-CUBE-SBSFU v.2.0 combines a Secure Boot (SB), Secure Firmware Update (SFU) and secure-engine services in a convenient STM32Cube expansion software. The solution allows the update of the STM32 microcontroller built-in program with new firmware versions, adding new features and correcting potential issues. The update process is performed in a secure way to prevent unauthorized updates and access to confidential on-device data.
By establishing a root of trust in the microcontroller, X-CUBE-SBSFU Secure Boot enables protection of intellectual property. Secure Boot checks and activates the STM32’s built-in security mechanisms, and checks the authenticity and integrity of user application code before every execution to prevent invalid or malicious code from running.
The trusted device can then safely take part in mutual authentication when connecting remotely to a network, in accordance with well-known security best practices.
The secure firmware-update functionality aids lifetime device management – applying fixes, functional upgrades, and security updates to cover the latest cyber threats — by handling secure loading and safe programming of firmware.
The secure loader supports multiple recognized digital-signature (ECDSA or AES methods) and cryptography (AES-GCM) algorithms to receive, authenticate, and decrypt the encrypted firmware image, and check the integrity of the code. The safe programming supports both single-image update for maximum user-application size and dual-image update giving extra flexibility to support anti-rollback during image installation and Over-The-Air (OTA) firmware download.
X-CUBE-SBSFU secure-engine services maintain a protected environment for storing critical data such as cryptographic keys and executing cryptographic algorithms.
X-CUBE-SBSFU is built on top of STM32Cube software technology, making the portability across different STM32 microcontrollers easy. It is provided as reference code to demonstrate the state-of-the-art usage of STM32 security protection.
The X-CUBE-SBSFU Expansion Package comes with examples running on the STM32L4 Series.
For further information on X-CUBE-SBSFU, click here.
To view the Press release, click here.