STM32HSM-V2

Active

SAM for Secure Firmware Installation version 2

Download databrief Order Direct

Product overview

Description

The STM32HSM-V2 hardware security module (HSM) is used to secure the programming of STM32 products, and to avoid product counterfeiting at contract manufacturers' premises.

The secure firmware install (SFI) feature allows secure downloading of customer firmware to STM32 products that embed a secure bootloader. For further information on this feature, refer to the AN4992 application note available from st.com.

Original equipment manufacturers (OEM) working on a specific STM32 product receive the relevant ST public key to be stored to one or more STM32HSM-V2 HSMs using the STM32CubeProgrammer and STM32 Trusted Package Creator software tools.

Using the same toolchain, after defining the firmware encryption key and encrypting its firmware, the OEM also stores the encryption key to one or more STM32HSM-V2 HSMs, and sets the number of authorized SFI operations for each HSM. Contract manufacturers must then use these STM32HSM-V2 HSMs to load encrypted firmware to the STM32 devices: each STM32HSM-V2 HSM only allows the OEM-defined number of SFI operations before irreversible deactivation.

To best prevent security concerns and ensure that you are using a genuine STMicroelectronics product, purchase STM32HSM-V2 either from STMicroelectronics sales offices or from STMicroelectronics official partners.

Download related software (STM32CubeProgrammer including the STM32 Trusted Package Creator tool) only from the STMicroelectronics official web site st.com.

  • All features

    • Genuine firmware identification (firmware identifier)
    • Identification of STM32 products with secure firmware install (SFI) functionality
    • Management of STMicroelectronics (ST) public keys associated with STM32 products
    • License generation using a customer-defined firmware encryption key
    • Secure counter allowing the generation of a predefined number of licenses
    • Direct support of the STM32CubeProgrammer software tool (STM32CubeProg) including the STM32 Trusted Package Creator tool

The current status of a product:
Active: Product is in volume production
Evaluation: Product is under characterization. Limited Engineering samples available
Preview: Product is in design stage
Target: Product is in design feasibility stage.No commitment taken to produce
Proposal: Marketing proposal for customer feedback.No commitment taken to design or produce
NRND: Not Recommended for New Design.Product is in volume production only to support customers ongoing production.
Budgetary PriceECCNs are five character alpha-numeric designations used on the Commerce Control List to identify dual-use items for export control purposes. ECCNs are five character alpha-numeric designations used on the Commerce Control List to identify dual-use items for export control purposes.