Secure Thingz, an IAR Systems Group company and a member of the ST Partner Program, recently announced an easy way to implement its Secure Deploy solution with IAR Embedded Workbench and STM32 MCUs compatible with our Secure Firmware Installation (SFI). More precisely, the solution is part of the Embedded Trust and C-Trust security development tools. It currently works with STM32H7s and will support STM32L5 microcontrollers and more later. The solution distinguishes itself because it just works as an extension of IAR Embedded Workbench. Hence, even teams that don’t have the resources or expertise to create a custom solution can enjoy a secure environment. We are also holding a webinar on March 18 with Secure Thingz to help engineers understand and implement this technology. We thus thought it was important to dive into what Secure Thingz offers in preparation for this event.
Securing the Bootloader Is Increasingly Necessary
Protecting intellectual property is fundamental for the company itself, and it can save users from hackers. Traditionally, OEMs load an encrypted application that only gets decrypted by the MCU and its bootloader. However, the bootloader itself is not encrypted, which can open a device to attacks. Secure Firmware Installation remedies this situation by enabling the use of an encrypted bootloader. For instance, an OEM programming an STM32 MCU will push the developer’s entire encrypted environment onto the internal flash. Thanks to a series of optimizations, authentications, integrity checks, and measures guaranteeing confidentiality, ST’s Secure Firmware Installation (SFI) will decrypt and install the code securely. As companies become increasingly sensitive to security issues, securing firmware programming is becoming a de facto standard in many industries.
ST’s SFI is part of a larger initiative called STM32Trust. The latter brings security features, such as Secure Boot, SFI, and Secure Firmware Update under one roof. Developers can, therefore, find a central resource hub for software, documentation, and more. As a result, teams that wish to implement their custom solutions will find example code, cryptographic libraries, and more. However, despite initiatives like STM32Trust, not every developer has the time to learn how these tools work. Some do welcome a more straightforward and preconfigured installation. For instance, many startups have common security needs but few experts on hand. Hence, Secure Thingz offers Secure Deploy straight from an IAR Embedded Workbench to help developers save time and resources. Let us, therefore, look at what it would take for developers to take advantage of this solution.
Secure Thingz and IAR
Embedded Trust and C-Trust
Developers looking for a turnkey solution must often work within tight constraints. If teams don’t have the time and resources to customize their secure context implementation, they also don’t have the time to use a myriad of software solutions. Hence, Secure Thingz’s appeal is its ability to offer everything within IAR Embedded Workbench. Developers can immediately start working on their security workflow by using the IDE’s extension tools within Embedded Trust and C-Trust. Embedded Trust enables a complete workflow from Security Context generation to Secure Package production, including Secure Boot Manager creation and application development. C-Trust provides a subset of the Embedded Trust features by focusing on the application stage and prototyping of the overall product development cycle.
Secure Production Package and Secure Desktop Provisioner
All the development tools above will help generate a ready-made Secure Boot Manager (SBM) that the STM32 MCU launches at startup. The SBM submits the firmware to a series of controls and validations. If all tests clear, the application launches. Hence, given the boot manager’s sensitive nature, developers may put it inside a Secure Production Package, an encrypted container sent to the production facility. Additionally, Secure Thingz and IAR Systems provide the Secure Deploy platform, which imports the Secure Production Package and holds it securely during production. Secure Thingz also provides the Secure Desktop Provisioner (SPD) tool. Controlled by an operator UI, it is used for desktop prototyping and limited production runs. OEMs can also integrate Secure Deploy into a fully automated volume production machine without running a dedicated user interface. Both implementations use the same Secure Production Package and interact with the target device during programming (provisioning).
Secure Thingz and STM32
Secure Deploy on STM32 with SFI
In some instances, developers may find the implementation of a secure boot manager difficult. Secure Thingz takes care of all the inherent complexities to vastly facilitate developments. For example, the ST Partner uses the STM32 SFI mechanism to transfer the SBM and application to a secure memory area in the target MCU. However, the entire process takes place behind-the-scenes, demanding only a few clicks from developers. Within C-Trust, users simply select STM32 Secure Firmware Installation (SFI) by ticking a checkbox during the Secure Boot Manager configuration. Similarly, creating and encrypting a package for production takes a few steps within IAR Embedded Workbench.
Implementing a Secure Firmware Installation becomes more straightforward. Engineers no longer need additional tools, thus vastly simplifying their workflow. All the information necessary to securely provision an STM32 SFI-capable device is present inside the Secure Production Package. Consequently, using STM32’s SFI in a production setting requires no additional instructions for the operator or automated machine.