STMicroelectronics has put together a toolset of embedded software and development tools to help customers sort through all the security features available to its flagship STM32 lineup of 32-bit microcontrollers. The package is designed to help customers establish trust between devices while blocking hackers trying to break in to steal data or make changes to the application code.
The STM32 Trust brings together all available cyber-protection resources for the Cortex-M microcontrollers (MCUs), STMicroelectronics said. That makes it easier for customers to assess the hardware, software and system-level security inside each STM32 MCU and layer them together to protect edge devices, the company said. The STM32 MCUs can be slipped inside factories, cars and all sorts of Internet of Things devices such as wearables to thermometers.
STM32 Trust includes the X-Cube Secure Boot and Secure Firmware Update solutions, which can be used to protect vulnerable code being transferred to boot memory or updated in the field. Secure Boot uses a piece of immutable code that runs after every system reset to make sure that the system is not infected by invalid or malicious code. Secure Firmware Update wards off attacks that use firware update as cover to alter code or access confidential on-device data.
STMicroelectronics is also adding protection for devices being programmed for the first time. The company offers a tool called Secure Firmware Install that protects against rogue employees in a production plant or hackers targeting a manufacturer trying to steal the IP inside the MCU's firmware. The firmware is encrypted before being shipped to the factory and decrypted only after STM32 MCU is installed in the end product. Any firmware stolen before then is useless.
STMicroelectronics, the No.3 player in the market for 32-bit microcontrollers, is also trying to walk customers through the security features hardwired into its STM32 MCUs. The features range from on-chip cryptography and secure storage for keeping encryption keys from hackers. STMicroelectronics also leverages Arm's TrustZone technology for protecting sensitive code, creating an isolated space in silicon that brings confidentiality and integrity to the broader system.
The toolset lower the bar for customers using its general-purpose microcontrollers to add security features as needed, said Ricardo De Sa Earp, general manager of the microcontroller unit at STMicroelectronics, which serves more than 100,000 customers. “STM32 Trust eases developers’ understanding and acceptance of new mandatory security rules, which is a key emerging challenge in the general-purpose microcontroller market today,” he said in a statement.
STMicroelectronics plans to add software, tools and other resources to STM32 Trust over time.