STM32-SFI Flasher Commander
The STM32-SFI Flasher Commander is a command line interface (CLI) tool for programming targets using ST's Secure Firmware Install (SFI) feature and SEGGER’s professional production programmers Flasher PRO, Flasher PRO XL, and Flasher Compact.
Overview
The STM32-SFI Flasher Commander is a command line interface (CLI) tool developed to support the Secure Firmware Installation (SFI) feature from STMicroelectronics. No additional license is required to use this tool with Flasher Compact, Flasher PRO or Flasher PRO XL.
Key features
The STM32-SFI Flasher Commander is a robust tool designed to secure the programming of STM32 microcontrollers during production. Its key features focus on enabling the Secure Firmware Installation (SFI) process, ensuring safe and reliable firmware transfer, and offering compatibility with SEGGER's advanced Flasher production tools.
Supports Secure Firmware Installation (SFI) from STMicroelectronics
The STM32-SFI Flasher Commander is designed to facilitate the Secure Firmware Installation (SFI) process, ensuring encrypted firmware is securely programmed onto SFI-enabled STM32 microcontrollers during production.
Ensures secure transfer of firmware to the target
The STM32-SFI Commander enables the secure transfer of encrypted firmware and its corresponding decryption key to target microcontrollers, using a Hardware Security Module (HSM) for secure key storage.
Runs with Flasher PRO XL, PRO and Compact
The tool is fully compatible with SEGGER's Flasher PRO XL, Flasher PRO, and Flasher Compact in-circuit programmers, offering flexibility across various programming setups.
How the STM32-SFI Flasher Commander works
As part of the production process for SFI-enabled STM32 microcontrollers, the intellectual property (IP) owner sends encrypted firmware along with the corresponding decryption key to the facility responsible for programming the microcontrollers during production. The firmware decryption key is securely stored on a Hardware Security Module (HSM). Programming can take place at any production site, even external, such as a contract manufacturer or a distributor that offers mass programming of stocked devices for delivery.
At the programming facility, the STM32-SFI Flasher Commander interfaces with SEGGER's Flasher PRO, PRO XL, or Compact in-circuit programmers and transfers the encrypted firmware image and the matching firmware decryption key (also in encrypted form) to the target MCUs to be programmed.
Requirements
The following hardware items are required to program:
- Smart card reader connected via USB to the host PC
- STM32HSM Smart card STM32HSM-V2
- Flasher PRO, Flasher PRO XL, or Flasher Compact
The generation of the secure .sfi binary file is part of the OEM firmware development phase and is handled by the Trusted Package Creator tool from ST as a post-processing of the application code.
The volume production leveraging the STM32 SFI programming is fully handled by the SEGGER STM32-SFI Flasher Commander tool and the SEGGER Flasher programmer.
More information about the STM32-SFI Flasher Commander is available in the SEGGER Knowledge Base.
Other SEGGER solutions for secure programming
If the target device does not support ST’s SFI, SEGGER has got you covered with the sophisticated production programming system Flasher Secure.
Combined with the SEGGER's Target Encrypted Link Package (TELP), it enables hardware without security features to be programmed securely. Using TELP, any microcontroller can be programmed with an encrypted firmware or bootloader image.
Get in touch with us
Have questions or need assistance? Our Embedded Experts are here to help!
Reach out to us for:
- Licensing quotes
- Technical inquiries
- Project support