Q: How to protect STM32 firmware from reverse engineering and secure boot?
Answer
Security measures: (1) Enable RDP (Read Protection) via option bytes – Level 1 prevents flash read via debug interface Level 2 disables debug entirely. (2) Use AES-256 encryption with a unique per-device key stored in OTP. (3) Implement secure boot: hash verification of firmware at startup before executing. (4) Disable SWD/JTAG after initial programming via option bytes. (5) For STM32H7 and STM32L5+ use the hardware cryptographic accelerator (PKA AES HASH). (6) Protect SRAM with MPU. (7) Use TrustZone (STM32L5 STM32U5) to isolate secure from non-secure code. Keys should be provisioned before shipping and never exposed in plaintext firmware.
Filed under: FAQ