ST ramps up security in 250MHz Cortex-M33 MCU

STMicroelectronics has introduced a 250MHz Arm Cortex-M33 microcontroller with the company’s own security hardware and software trusted execution environment (TEE) on top of Arm’s TrustZone.

ST Trustee security

The part is the STM32H573 (or 563, ST has said both, watch this space), and the internal security system has been dubbed ‘STM32Trust TEE security manager’ (right).

“STM32H5 is the first MCU series to come with system-on-chip security services accessed via an industry-standard API,” claimed ST. “This facility [STM32Trust TEE secure manager] saves developers writing their own code while providing security services developed according to known best practice.”


The secure manager has two types of package: STM32Trust TEE secure manager access kit (SMAK) and the STM32Trust TEE secure module development kit (SMDK).


The SMAK is installed into MCU-based products on production lines, and is certified to support secure boot, root of trust, cryptography, internal trusted storage, initial attestation and firmware update, as defined by Arm’s PSA specifications. Its binary code is isolated by the TrustZone hardware.

“OEMs can develop, debug, and protect their applicative firmware as usual and call STM32Trust TEE SMAK secure functionalities as defined into the STM32Trust TEE SMAK non-secure reference source code provided by STMicroelectronics,” said the company.

The SMDK is dedicated to the development, debug and distribution of SMAK secure software modules, which have access to the microcontroller peripherals and interfaces. It enables their installation, update and execution under the SMAK rules and isolation.

The STM32H5 family
Only the …573 is compatible with the TEE
Only the ..563 is available today

Back at the hardware, the H5 MCUs “are SIL-ready for products that must meet an appropriate safety integrity level, thanks to native hardware features that address industrial and medical applications”, it said. “The SoC security services provided include isolation, cryptography, key storage, and initial attestation. The devices also provide in-ST factory pre-provisioning credentials for registration to various cloud and OEM servers, multi-tenant IP protection, and remote pre-integrated 3rd party public key infrastructure life-cycle management.”

STM32H5 family: Flash and RAM

The ICs are made on a 40nm CMOS process, and score 375DMIPS and 1023 on the EEMBC CoreMark. Consumption is 61µA/MHz in family members with an in-built dc-dc converter, and 120µA/MHz for the LDO versions (Vdd=3.3V, 25°C, run-mode, peripherals off). Operation is up to 125°C ambient.

The software, ‘STM32Trustee-H5’, is scheduled to be available in June.

There are three development kits: Nucleo-H503RB, Nucleo-H563ZI, and STM32H573I-DK.
