STM32Trust: A Set of Cyber-Protection Resources for IoT Designers

  • The STM32Trust solution offers a complete toolset for code and execution protection.
  • The STM32Trust resources include design tools, evaluated reference material and free software.
  • Designers take advantage of features built into STM32 microcontrollers to avert data theft and code modification.

Global semiconductor company STMicroelectronics has launched a comprehensive toolset for IoT designers to help them build strong cyber-protection into connected devices leveraging industry best-practices.

Integrating all available cyber-protection resources including reference material and free software for the STM32 family, STM32Trust helps designers implement a robust multi-level strategy to enhance security.

These help designers take advantage of features built into STM32 microcontrollers to ensure trust among devices, prevent unauthorized access, and resist side-channel attacks to avert data theft and code modification.

“Connected devices like smart sensors and remote actuators are intrinsic to our infrastructure and services, so ensuring effective security becomes of paramount importance,” explained Ricardo De Sa Earp, General Manager of STMicroelectronics’ Microcontroller Division.

“STM32Trust eases developers’ understanding and acceptance of the new mandatory security rules, which is a key emerging challenge in the general-purpose microcontroller market today,” he added.

The STM32 family

The STM32 family is the world’s leading system-on-chip portfolio based on the Arm Cortex CPU architecture and contains almost 1000 variants used in smart appliances, remote sensors, wearables, e-health devices, IoT gateways, access-controlled storage, payments and many other connected devices.

Depending on the model, hardware cyber-protection can include features such as customized secure boot, a random-number generator to prevent hackers observing patterns in signals, dedicated encryption co-processors and secure storage for encryption keys. ST also builds in tamper detection, firewall code-isolation mechanisms and implements Arm TrustZone technologies for extra protection of the most sensitive code.

STM32Trust provides product developers with all they need to protect connected objects effectively using these features, including reference material and free software.

Reference software packages

Among the reference software packages, X-CUBE-SBSFU demonstrates how to protect application code at its most vulnerable when being transferred into boot memory or updated in the field. X-CUBE-SBSFU reference packages are available for the STM32F4, F7, H7, L0, L1, L4, G0, G4 and WB.

There is also a reference implementation of ST’s secure element STSAFE, which maximizes the security level of the final application.

In addition, Secure Firmware Installation solutions for STM32L4 and STM32H7 microcontrollers provide protection while devices are being programmed for the first time. The solution offers a complete toolset to encrypt OEM binaries with the Trusted Package Creator software, the STM32CUBEProgrammer to flash securely the STM32, and the STM32HSM to transfer OEM credentials to the programming partner.