The STM32H5 is the new reference mainstream microcontroller thanks to the most powerful Cortex-M33 implementation, reaching 1017 points in CoreMark, and because of its extensive security capabilities. The new device runs at 250 MHz. It houses up to 2 MB of dual bank Flash and up to 640 KB of RAM. It also draws from previous models to offer a CORDIC and FMAC accelerator, as in the STM32G4. Similarly, it takes the security features of the STM32U5 and builds upon them by inaugurating the ST immutable Root of Trust (iRoT) and updatable Root of Trust (uRoT), among other things. Consequently, it dethrones the STM32F4 as the new standard for embedded systems.
The importance of a mainstream MCU
Knowing what microcontroller to use is challenging. By serving as the new reference for the mainstream market, the STM32H5 ensures developers can better evaluate their needs. For instance, teams with less experience can start working on their motor control system to assess if the STM32H5’s configuration is sufficient or if they require something more specialized, like an STM32G4, or something more powerful, like an STM32H7. Similarly, teams can start with an STM32H5 and then go to an STM32U5 or an STM32L5 if they realize they need to lower their consumption significantly. Thanks to STM32CubeMX, developers have always been able to move rapidly from one STM32 to another.
A flexible and forward-looking architecture
First STM32 MCU with I3C
Being the new benchmark for most embedded applications means being future-proof. Hence, the STM32H5 is the first STM32 device to include an I3C (Improved Inter-Integrated Circuit) interface. The new bus is significantly faster, which is getting ever more critical as embedded systems deal with a myriad of sensor data. Thanks to a frequency of 12.5 MHz, I3C is about 12 times faster than I2C. The new technology also supports dynamic addresses and can help reduce pins utilization by enabling the microcontroller to talk to more devices simultaneously. Despite its forward-looking bus, the STM32H5 remains a general-purpose MCU thanks to many interfaces, such as CAN-FD, HDMI-CEC, and USB-C Power Delivery, among many others.
ADC, DAC, dual-bank Flash, SMPS
The STM32H5 includes two 12-bit analog-to-digital converters and two 12-bit digital-to-analog converters, serving many applications that require fast data acquisition or multiple interfaces. There are also many timers, including two 16-bit advanced ones for motor control applications, which are identical to those found on the STM32G4. Taking a step back, the whole architecture of the STM32H5 is an exercise in balance between flexibility and future-proofing. Another example of this approach is the presence of dual-bank Flash to enable, among other things, the implementation of an over-the-air update without needing to shut the system down, something essential in industrial applications.
Similarly, the STM32H5 supports a temperature of 125ºC to meet demanding industrial products while providing a switched-mode power supply to optimize its power consumption. Thanks to the SMPS found on some models, the stop mode (with all I/Os enabled) only draws 46 µA. The low power consumption also means that the STM32H5 can use cost-effective packages instead of expensive alternatives that would have had to dissipate a lot of heat.
More comprehensive security features
iRoT and uRoT
Like the STM32U5, the STM32H5 will have a SESIP Level 3 certification. However, the new device adds significantly more features, such as a two-stage root-of-trust: the immutable and updatable root of trust or iRoT and uRoT. As the name implies, the former is set at the factory and cannot be modified. It uses a read-only memory containing keys and other mechanisms defined by ST to establish a secure boot without external keys.
Customers can also define their iRoT with permanent and unchangeable information. Once the system passes the iRoT, it moves to the uRoT, which enables developers to store and use sensitive data that may be updated. Implementing both root-of-trust demanded new hardware features to prevent overwriting data in the iRoT and to protect both stages against physical and logical attacks. The STM32H5 also allows developers to choose what they would like to implement. Some may choose to use the iRot, others the iRot and uRot, while others may want both alongside the Trusted Execution Environment and secure services or nothing at all.
Life Cycle Management
The STM32H5 includes other architectural optimizations that bolster security, such as a unique 96-bit ID and complex hash acceleration, such as SHA-2 512. Ultimately, the new hardware safeguards and features will enable engineers to isolate sensitive applications from the rest of the system and provide a more fine-tuned security strategy.
The new device will also benefit from a new Life Cycle Management system that enables developers to tailor the activation or deactivation of low-level features depending on where they are in the development process. Traditionally, teams close debug features to prevent malicious intrusions once the device is ready for manufacturing and deployment. Thanks to its Life Cycle Management and Debug Authentication features, the STM32H5 can securely reactivate certain debug capabilities to help field engineers work on deployed systems. Additionally, if a company fears that a secure layer has been compromised, an immutable root of trust allows teams to perform a complete regression to a known secure state, thus ensuring that the device is safe to use.
Next steps
The best way to start experimenting with all the features found on the new device is to grab a development board. There are already Nucleo (NUCLEO-H503RB and NUCLEO-H563ZI) boards available at the time of this announcement, and a Discovery Kit with the STM32H573, which includes all the security features, will be available at distributors in June. That will also be the time ST will make available for download our Secure Manager, an entirely new Trusted Execution Environment to help developers, regardless of their expertise level, take advantage of the latest security capabilities of the STM32H5. We worked closely with ProvenRun on the software implementations, and Secure Manager enables engineers to reap the fruits of this collaboration.
