Release v1.4.0

We are pleased to bring you the STM32 Secure Patching Bootloader Release v1.4.0

Features:

• Add support for new platforms and boards: G0 (NUCLEO-G0B1RE) H7 (DISCO-H745I) WL (NUCLEO-WL55JC) F4 (DISCO-F469I) L4 (NUCLEO-L476RG)
• Prints size of binaries detected in each slot in diagnostic output.
• Bootloader disables cache before launching application on all boards that use cache (prevents faulting when application tries to re-enable already enabled cache in some cases).
• Optimization: greatly speeds up patching updates (3x or more) on large binaries utilizing external flash.
• Optimization: removes one redundant header verification in virgin device or two redundant header verifications in devices that have undergone at least one update cycle. Saves between 50 - 2000 ms per header verification of bootup time depending on MCU capability.
• Adds make_keys_vXm.bat scripts to automatically generate machine.txt file (often overlooked otherwise).

Fixes:

• Fixes YMODEM load button trigger wrong state for NULEO-L452RE.
• Ensures hardware CRC is powered up when needed during SE_PATCH_Data() API calls.

Errata:

• [1] SE_PATCH_Data API will fail with error code 11 (SECTION_WRITE_FAILURE) if presented with a full-image update file (.sfb) data buffer length that is not a multiple of the platform's flash write size: typically 8 bytes (doubleword). Workaround is to ensure that the API is called with an 8-byte-multiple length buffer.
  Note: this is not necessary for .sfbp (patch) files, and having it in place won't affect .sfbp updates.

Bootloader customization for your board is available. Contact us.

Release v1.3.0

We are pleased to bring you the STM32 Secure Patching Bootloader Release v1.3.0

Now works with STM32CubeIDE 1.9.0 and greater.

New features:

• Simplifies application integration process by removing the need to link with a library for access to SE_PATCH (in-application firmware update) APIs. Now, the SE_PATCH engine APIs are available to all applications by default.
• Adds new platform support for STM32L4+ and DISCO-L4R9I and B-L4S5I-IOT01A boards.
• Adds new platform support for STM32L5 and the DISCO-L562E board.
• Updated Quick Start Guide with instructions to generate per-project security keys (easy to do, but step was missing).

Notes:

• Still works with prior versions of CubeIDE. Method of calling the Secure Engine APIs is more universal now.

Errata:

• [1] SE_PATCH_Data API will fail with error code 3 Invalid image - firmware image header checksum failed or not present unless CRC hardware peripheral's power is explicitly enabled by the user application prior to calling SE_PATCH_XXXX APIs. Workaround: call __HAL_RCC_CRC_CLK_ENABLE(); during application initialization.
• [2] SE_PATCH_Data API will fail with error code 11 (SECTION_WRITE_FAILURE) if presented with a full-image update file (.sfb) data buffer length that is not a multiple of the platform's flash write size: typically 8 bytes (doubleword). Workaround is to ensure that the API is called with an 8-byte-multiple length buffer.
  Note: this is not necessary for .sfbp (patch) files, and having it in place won't affect .sfbp updates.

Product customization for your board is available with product registration. Contact us.

Release v1.2.0

We are pleased to bring you the STM32 Secure Patching Bootloader Release v1.2.0

New features:

• Adds support for four new STM32L4 family dev boards (DISCO-L476G, NUCLEO-L412KB, NUCLEO-L452RE, NUCLEO-L496ZG)
• Adds runtime API to get bootloader version string from application: SE_APP_GetBootVer
• Enables USB flash drive update on DISCO-L496G (wasn't enabled previously).
• Updates API interface documentation in stm32_secure_patching_bootloader_interface_v1.2.0.h. Remove references to the previous generation firmware update system.
• Adds test binaries for each board under Test/<BOARD> directory. Allows for quick validation of bootloader board support and evaluation of the firmware update process. Instructions for use are in the README.
• Adds new YMODEM loader trigger through command load. Enter the four characters when the bootloader outputs UART loader check trigger. during its launch sequence. It will wait 1 second for this code to be entered. This is a workaround for #1 until a specific LORA-E5-MINI board support is added. In the meantime the LORA-E5-DEV board libraries work fine on the LORA-E5-MINI (and LORA-E5-GROVE).
• YMODEM loader, after being triggered, has 60 second timeout waiting for update to start, after which boot continues.

Notes:

• Quick Start Guide (QSG) v1.1.0 remains applicable to release v1.2.0.

Product customization for your board is available with product registration. Contact us.

Release v1.1.0

We are pleased to bring you the STM32 Secure Patching Bootloader Release v1.1.0

New features:

• Support for STM32WLE5 and LORA-E5-DEV and LORA-E5-MINI boards from SeeedStudio.
• Cleaned up postbuild argument list: remove vector offset and multiseg parameters - now located in board library package.
• Added README to board library packages.

Board customization available with product registration. Contact us.

Release v1.0.0

Based upon our proven Firmware Modules Secure Boot and Secure Firmware Update (FM-SBSFU), we bring to you a new, simplified and improved solution that makes it far easier to get world-class secure firmware update capabilities into any STM32-based embedded system.

We are pleased to bring you the STM32 Secure Patching Bootloader Release v1.0.0

Features Overview:

• Dual slot architecture.
• Encrypted and signed firmware update images.
• Delta Patch Engine.
• Multiple bootloader update methods where hardware permits: UART or USB flash.
• In-application (IAP) and over-the-air (OTA) update support via API.
• Pre-built libraries - nothing to build, it just works out of the box.
• Ready-to-go firmware image preparation scripts including secure patch generation.
• 64-bytes uninitialized area reserved at start of RAM for user application requirements such as fault info reporting.

Requirements:

• User application project using STM32CubeIDE.
• Python installed.

Support for 5 board configurations:

• NUCLEO-L073RZ, YMODEM UART update
• NUCLEO-F429ZI, YMODEM UART update, USB flash update
• DISCO-L496G, YMODEM UART update, USB flash update
• DISCO-L496G-CELL02, using DISCO-L496G libraries
• DISCO-F769I, YMODEM UART update, USB flash update, Multi-segment external QSPI flash

Customization available with product registration. Contact us.