STM32U5: To improve the accessibility of our content, please find the audio version of this blog post.
ST is unveiling today the STM32U5, its first ultra-low-power Arm® Cortex®-M33 MCU with an active power draw of only 19 µA/MHz thanks in part to its 40-nm process node. At the same time, Twilio, a new ST Authorized Partner, is also announcing that the new STM32U5 will be the first MCU to run its Microvisor, a device builder platform that shortens the time it takes to securely connect and control devices. The ST Blog thus sat down with Jonathan Williams, Lead Product Manager at Twilio, to learn more about the company’s experience with the new device and what it hopes to accomplish with Microvisor.
From STM32Lx to STM32U5 and Twilio’s Choice
The first Cortex-M MCU from ST, the STM32L1, dates back to 2009. As engineers looked for a better performance-per-watt ratio, the STM32Lx family of devices enabled new applications. For instance, the University of Toronto used ten STM32L4 in its solar car because the MCU demanded so little energy. ST then broke records with the STM32L4+, the first ultra-low-power MCU to score more than 200 in ULPMark. Last year, we went one step further by releasing the STM32L5, our first MCU based on a Cortex-M33. Hence, understanding the STM32U5 means realizing that this latest MCU builds on ST’s strategy to continuously improve the performance-per-watt ratio while also heralding a new chapter in our history, which explains the change from STM32Lx to STM32Ux.
Twilio itself is a fascinating testament to the symbolic nature of the STM32U5 because the company waited for its release. Indeed, their team did most of the work on an STM32L5. However, when it came time to launch Microvisor, the company waited for today’s unveiling. Let us, therefore, dive into Twilio’s story because it explains why the company was dead set on supporting the new MCU as it aims to disrupt embedded systems and the world of IoT development.
ST and Twilio: Why the STM32U5?
“It took us only a few days”
Jonathan explained what motivated his teams to focus on the STM32U5. As he shared,
“When we first got our hands on the STM32U5, we realized it was a new benchmark for what we could accomplish at this level of power consumption. Additionally, the transition from the STM32L5 to the new device was surprisingly fast. It took us only a few days to update our code. Our teams then proceeded to create an internal development board with breakouts for all the I/Os. In a nutshell, the STM32U5 became our new reference, and we wanted our customers to experience the same level of efficiency when they joined the Microvisor pilot program.
“Engineers can even envision running simple user interfaces”
Opening the hood of the STM32U5, we see the impact that moving from a 90-nm process node to 40-nm had on the MCU. ST increased the operating frequency to 160 MHz while reducing the power consumption. The greater transistor density also means that our teams could add more RAM, flash, features, and peripherals. The first STM32U5s will have 786 KB of RAM and up to 2 MB of Flash. The latter even has 512 KB of high endurance cells capable of 100,000 read-write cycles. Comparatively, embedded flash traditionally supports only one-tenth of that. Hence, developers can use this longer-lasting memory for user data to create products with a drastically longer life span.
Another way to measure the performance-per-watt ratio is to look at a device’s capabilities. Teams aiming for greater performance, but limited by a small power budget, often face tough challenges. For instance, wishing for a more precise ADC or a math accelerator previously meant increasing the power consumption significantly. The STM32U5 offers new answers thanks, for example, to its new 14-bit analog-to-digital converter capable of 2.5 mega samples per second or an 18-bit mode that offers even greater accuracy. It also provides a math accelerator (FMAC and CORDIC) to optimize motor control and digital power applications. Engineers can even envision running simple user interfaces thanks to the ChromART Accelerator™ and the presence of advanced display interfaces. Finally, the TrustZone IP on the Cortex-M33 opens the door to all sorts of new applications, like Twilio’s Microvisor.
Twilio and ST: Why Microvisor?
“Microvisor offers a new middle ground”
Microvisor is a new answer to an old engineering dilemma. Today, most teams working on IoT solutions must either design everything from scratch or remain subject to an entire ecosystem. There are pros and cons to both approaches. Large companies with many engineers prioritizing efficiency will tend to choose the former. Smaller teams with less time and resources often adopt the latter. However, each has significant limitations. Customizing everything is Herculean and prone to security breaches while adopting an entire ecosystem is limiting. Microvisor offers a new middle ground. The byte code that lives in the TrustZone of the STM32U5 takes care of the security and connectivity. Teams that want to tweak their system can do so. Microvisor is flexible enough to allow developers to use their operating system and drivers. Similarly, developers with few resources bypass tremendous challenges to obtain a highly secure environment.
“Too often, engineers overlook [SFI]”
Relying on TrustZone enables Microvisor to implement security features, such as Secure Boot, or Secure Firmware Over-the-Air Updates. Twilio even guarantees support for the product’s lifetime. Jonathan also explained that his company settled on the STM32U5 because of what it enables in terms of security. As he said,
“The STM32U5 ensures that the AES accelerator and Public Key Authentication (PKA) are now DPA resistant. A Differential Power Analysis attacks the system by monitoring electrical activity to extract information. The STM32U5 also offers secure data storage capabilities thanks to a hardware unique key (HUK). These features and more ensure Microvisor can offer the latest security protection to customers.”
On another front, Twilio and ST are working together to help the former implement a Secure Firmware Install process. Too often, engineers overlook this feature. Unfortunately, a system can never be truly secure if a malicious person can gain access to the firmware during its installation on the MCU by the OEM. The inability to encrypt the source code or account for devices in the field leaves developers open to attacks. ST and Twilio, therefore, worked together to make this feature even more accessible. Indeed, Twilio will use ST’s HSM cards to store the encryption key and employ the command line interface of STM32CubeProgrammer to install the encrypted firmware at the factory securely. Adopting Microvisor thus lowers the barrier to entry to SFI.
“Perform debugging operations while the product is in the field”
The next step for a developer is to convince managers to adopt Microvisor and the STM32U5. Twilio is working on a development platform that will use the STM32U585. The company will also offer a development kit to help teams test its unique features, like the remote debugger. Indeed, Microvisor offers a secure tunnel that wirelessly connects to the device to perform debugging operations while the product is in the field. One can thus close the JTAG interface to protect the system from a physical attack while enabling remote debugging. However, developers can also choose to disable remote debugging once they start shipping their products to customers. Finally, ST will also release the B-U585I-IOT02A Discovery Kit, a development board Microsoft already chose as a reference board for the Azure Certified Device program.