STM32TRUSTEE-SM

Active
Design Win

Secure manager embedded software for STM32Cube

Get Software Download databrief

Product overview

Key Benefits

Speed up your qualification process with system-level certifications

Security services developed according to the best practices: PSA Certified Level 3 and SESIP3 target certifications

Description

Security is a key driver for the microcontroller market, often perceived as complex by the users.

The STM32Trust TEE secure manager (STM32TRUSTEE-SM) is a suite of system-on-chip security solutions that simplifies the development of embedded applications to ensure ready to use security services. With the STM32 microcontroller, the STM32Trust TEE secure manager relieves the developers of writing and validating their own code while providing security services developed according to the best practices.

The STM32Trust TEE secure manager encompasses two types of packages: the STM32Trust TEE secure manager access kit (SMAK) and the STM32Trust TEE secure module development kit (SMDK).

The STM32Trust TEE secure manager access kit (SMAK) is installed easily into STM32 products by the customers on their production lines. It offers a ready to use, high performance, and certified solution to support the Secure Boot, root of trust, cryptographic, internal trusted storage, initial attestation, and firmware update functions as defined by the Arm® PSA specifications.

The STM32Trust TEE SMAK binary code is isolated by the Arm® TrustZone® hardware, which protects its capabilities and all the OEM applicative secure credentials it manages and stores. OEMs develop, debug, and protect their applicative firmware as usual, and call STM32Trust TEE SMAK secure functionalities as defined in the STM32Trust TEE SMAK nonsecure reference source code provided by STMicroelectronics (refer to the "Development kits" section of the data brief).

The STM32Trust TEE secure manager solution is supported by the global STM32 ecosystem tools with the STM32CubeMX initialization code generator, the STM32CubeIDE integrated development environment, and the STM32CubeProgrammer (STM32CubeProg) ST-LINK programmer.

The STM32H573xx microcontrollers are the first products to support the STM32Trust TEE secure manager solution. Download the documentation and software package from the STM32TRUSTEE-SM web page. Retrieve additional operational and functional descriptions from the STMicroelectronics wiki security pages at wiki.st.com. The reference of the STM32Trust TEE secure manager access kit (SMAK) binary software package for STM32H573xx microcontrollers is X-CUBE-SEC-M-H5. This software package is under export control conditions. Read the "Get Software" description before downloading it.

The STM32Trust TEE SMAK binary can be complemented by new secure functions, called secure software modules, developed by STMicroelectronics, OEMs, or ST Partners who want to sell and protect their software intellectual property.

The STM32Trust TEE secure module development kit (SMDK) is dedicated to the development of these new secure software modules. A software module is a simple or a complex function, which has access to the STM32 peripherals and interfaces and is limited in code size. The STM32Trust TEE SMDK allows OEMs and ST Partners to develop, debug with traces, and distribute their own software module to be installed, updated, and executed under the STM32Trust TEE SMAK rules and isolation (refer to the "Development kits" section of the data brief).

The STM32Trust TEE secure module development kit (SMDK) for STM32H573xx microcontrollers is not available to mass market usage. It is provided under a specific license agreement. Contact STMicroelectronics sales office for additional information. For usage information, refer to the security section of the STMicroelectronics wiki at wiki.st.com.

The list of applicable products is provided in the corresponding section of the data brief.

  • All features

    • Arm® PSA standard and API compliancy
    • Arm® PSA services
      • Secure Boot
      • Root of trust (RoT) with chip diversified keys
      • Cryptography functions
      • Internal trusted storage (ITS)
      • Initial attestation (IAT)
      • Firmware update (FWU)
    • Software IP protection (PSA isolation level 3)
      • Sandboxed secure services
    • Security hardware
      • Arm® Cortex®-M33 with Arm® TrustZone®
      • Option bytes OB-Key secure system key storage (STiRoT, STuRoT, and attestation keys)
      • Side-channel-resistant cryptographic accelerators SAES and SPKA
      • Internal and external event tampers detections
      • TRNG NIST SP800-90B
      • Debug authentication with certificate
    • Security certification (target)
      • PSA Certified™ Level 3
      • GlobalPlatform SESIP3

Get Software

All tools & software

    • Part number
      Status
      Description
      Type
      Supplier

      STM32CubeH5

      Active

      STM32Cube MCU Package for STM32H5 series (HAL, Low-Layer APIs and CMSIS, USB, TCP/IP, File system, RTOS, Graphic - and examples running on ST boards)

      STM32Cube MCU & MPU Packages ST
      STM32CubeH5

      Description:

      STM32Cube MCU Package for STM32H5 series (HAL, Low-Layer APIs and CMSIS, USB, TCP/IP, File system, RTOS, Graphic - and examples running on ST boards)

      X-CUBE-AWS-H5

      Active

      AWS IoT software expansion for STM32Cube targeting STM32H573I-DK

      STM32Cube Expansion Packages ST
      X-CUBE-AWS-H5

      Description:

      AWS IoT software expansion for STM32Cube targeting STM32H573I-DK

      X-CUBE-AZURE-H5

      Active

      Microsoft Azure IoT software expansion for STM32Cube targeting STM32H573I-DK

      STM32Cube Expansion Packages ST
      X-CUBE-AZURE-H5

      Description:

      Microsoft Azure IoT software expansion for STM32Cube targeting STM32H573I-DK
    • Part number
      Status
      Description
      Type
      Supplier

      STM32H573I-DK

      Active

      Discovery kit with STM32H573IIK3Q MCU

      STM32 Discovery Kits ST
      STM32H573I-DK

      Description:

      Discovery kit with STM32H573IIK3Q MCU
On-demand webinar: Simplify your security journey with the STM32Trust TEE Secure Manager solution