6.8 Secure hide protection (HDP)
Some STM32 devices support the HDP memory concept. The HDP, named secure hide protection on STM32L5
devices, is also known as secure user memory on STM32H7 devices, or securable memory on STM32G0
devices.
An HDP area is a part of the flash memory that can be accessed only once, just after a device reset. The HDP
targets sensitive applications that embed or manipulate confidential data, and that must be securely executed
at boot. Once the application is executed, the HDP area is closed, and cannot be accessed anymore by any
means (see the figure below).
Figure 10. HDP protected firmware access
DT50953V1
Flash memory
Reset
Secure firmware execution
HDP area access enabled
Main application execution
HDP area access disabled
HDP area
R/W/E
access allowed
No access
The HDP is a static protection configured by option bytes. Once set, the CPU boots on the firmware embedded
in this area, whatever the boot configuration set by boot pin or boot address.
When to use the HDP
The HDP is suited for a code that must only be executed after reset, like secure boot for root of trust.
Note: The HDP is available in STM32H7, STM32G0, STM32G4, STM32L5, STM32U5, and STM32H5 devices, with
slight differences in its implementation and name (refer to the reference manuals for details).
6.9
Firewall
The firewall is a hardware protection peripheral controlling the bus transactions and filtering accesses to three
particular areas: a code area (flash memory), a volatile data area (SRAM) and a nonvolatile data area (flash
memory). The protected code is accessible through a single entry point (the call-gate mechanism explained
below). Any attempt to jump and try to execute any of the functions included in the code section without passing
through the entry point, generates a system reset.
The firewall is part of the dynamic protections. It must be set at startup (for example by an SB application).
AN5156
Secure hide protection (HDP)
AN5156 - Rev 8
page 35/56
To Next Page
Loading...
Need help?
General
