SecureBootloadersST RevA0

Uploaded by

Jeyendran
Secure Bootloader Design Techniques for MCUs

© 2018 Beningo Embedded Group , All Rights Reserved


Session Overview
Objective:
• Explore and demonstrate secure bootloader design techniques

Topics:
• Embedded System Security Attacks
• Secure Bootloader Features
• STM32 X-CUBE-SBSFU
• Secure Bootloader Implementation
• SBSFU Demonstration
• Best practices for secure bootloader design
© 2017 Beningo Embedded Group, All Rights Reserved
The Lecturer
Jacob Beningo, Principal Consultant
Contact / Social Media:
• [email protected]
• 810-844-1522
• Jacob_Beningo
• Beningo Engineering
• JacobBeningo
• Embedded Basics
• www.beningo.com
Newsletters:
• Embedded Bytes
Consulting:
• Secure Bootloaders
• Code Reviews
• Architecture Design
• Real-time Software
• Expert Firmware Analysis
• Microcontroller Systems
Embedded Training (http://bit.ly/1BAHYXm):
• RTOS Workshop
• Bootloader Design
• Debugging Techniques
• Security Fundamentals
• Micro Python


Hands-on Example Materials

NUCLEO-L476RG



A Simple IoT Device
(Diagram: an MCU with a Sensor and a Communication Device attached to it.)


Attack Categories
• Logical attack (today 95% of attacks)
– Remote exploit of software bugs and open ports
• Board level attack
– Debug ports, physical access to I/F
– Side channel attack (SPA/DPA, profiling)
– Timing attack, fault injection
• Chip level attack
– FIB (cutting and rewiring signals)
– Physical delayering, reverse-engineering


What features does a secure bootloader have?
• Authenticity
– Unique and immutable identity
– Prevent counterfeiting / cloning
– Protect certificates
• Data Confidentiality
– Protect keys
– Protect intellectual property
– Protect customer data
• Firmware Integrity
– Code integrity
– Isolate secure and non-secure processes
– Secure communications
• Device Integrity
– Tamper prevention


Secure Boot
• Secure Boot is about ensuring a Chain of Trust is established and
maintained throughout the runtime execution of code on the product.
• Secure Boot is used as a Root of Trust, using cryptographic functions to
confirm the authenticity and integrity of the user firmware before
allowing it to run
– Unique entry point at RESET (security infrastructure)
– Immutable code
– Authentication
– Integrity
(Diagram: at reset, the immutable Secure Boot code authenticates the User Application against its certificate, then boots it up.)


Secure Firmware Update
• Server sends FW package
• Device receives, checks/stores/installs the new FW package and executes it
(Diagram: the developer produces the firmware data file; the OEM key server turns it into an encrypted file; the server sends it through the communication device to the MCU, which holds the firmware data file.)


X-CUBE-SBSFU in a Nutshell
• X-CUBE-SBSFU is provided as reference code to demonstrate state-of-the-art
usage of the STM32 security protection mechanisms. It is a starting point for
OEMs to develop their own Secure Boot and Secure Firmware Update
applications as a function of their product security requirement levels.
– The SBSFU application is an example illustrating how this can be achieved
• This is only one item of the package
– Security never comes for free
• SBSFU is NOT an off-the-shelf secure bootloader with secure firmware
update capability
• Customers to use it as an example to understand how to leverage the
STM32 assets
• Customers must analyze their system and build their own solution
under their own responsibility
X-CUBE-SBSFU Features Overview
• Secure Boot (Root of Trust):
– Activate and check the right secure mechanisms of the STM32 platform to protect critical operations and
secrets from attacks
– Check authentication and integrity of the User Application before execution
• New (encrypted) firmware download via USART virtual COM port
• FW installation management:
– Detect a new (encrypted) firmware version to install, either from the local download service or
pre-downloaded OTA by the User Application during a previous execution
– Manage the firmware version (check for unauthorized updates or unauthorized installation)
– Secure Firmware Update: firmware authentication and integrity check, firmware decryption,
firmware installation
– If any error occurs while installing the new image, roll back to the previous valid firmware version
– Execute the newly installed firmware (once authenticated and integrity checked)
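The package preparation and the boot-time checks listed above, as an added example in Python; it is not X-CUBE-SBSFU code. It assumes a simplified header (magic, version, image size) and uses HMAC-SHA256 as a stand-in for the real signature scheme so that it runs with the standard library alone; firmware decryption is left out.

```python
import hashlib
import hmac
import struct

MAGIC = b"SFU1"                        # constructed header magic (assumption)
HDR = struct.Struct("<4sIII")          # magic, version, image size, reserved
TAG_LEN = 32                           # HMAC-SHA256 stands in for the signature


def build_package(key: bytes, version: int, image: bytes) -> bytes:
    """OEM preparation step: header + tag + image.  The tag covers the header,
    so version and size cannot be edited without breaking authentication."""
    header = HDR.pack(MAGIC, version, len(image), 0)
    tag = hmac.new(key, header + image, hashlib.sha256).digest()
    return header + tag + image


def verify_package(key: bytes, package: bytes, active_version: int):
    """Bootloader-side checks on a received package.  Returns (image, status);
    image is None unless every check passed."""
    if len(package) < HDR.size + TAG_LEN:
        return None, "truncated"
    header = package[:HDR.size]
    tag = package[HDR.size:HDR.size + TAG_LEN]
    image = package[HDR.size + TAG_LEN:]
    magic, version, size, _ = HDR.unpack(header)
    if magic != MAGIC:
        return None, "bad magic"
    # Authenticate header and image together before trusting any header field.
    expected = hmac.new(key, header + image, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None, "authentication failed"
    if size != len(image):
        return None, "size mismatch"
    # Anti-rollback: only a strictly newer version than the active one is installed.
    if version <= active_version:
        return None, "rollback rejected"
    return image, "ok"


if __name__ == "__main__":
    key = bytes(range(32))               # constructed demo key, not a real secret
    pkg = build_package(key, 2, b"constructed firmware image v2")
    print(verify_package(key, pkg, 1)[1])           # ok
    print(verify_package(key, pkg, 2)[1])           # rollback rejected
```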



X-CUBE-SBSFU Features Overview
• 3 cryptographic schemes are provided
• The X-CUBE-SBSFU architecture allows switching from one scheme to
another via a compiler switch.
STM32 Security Features
(Table, one row per series: STM32 L4, L0, F7, F4, F2, L1, F0, F3, F1 and H7. Feature columns: Debug Access Port, RESET Register, FLASH WRP, FLASH Mass ERASE, Tamper Pins, CRC, 96-Bit Unique ID, Crypto Library Support, Memory Protection Unit (MPU), FLASH RDP, TRNG, AES Hardware Accelerator, FLASH PCROP, HASH Hardware Accelerator, Firewall, SRAM RDP, FLASH ECC. Sys Clock (MHz) / Arm Cortex core per series: L4 80 / M4, L0 32 / M0+, F7 216 / M7, F4 180 / M4, F2 120 / M3, L1 32 / M3, F0 48 / M0, F3 72 / M4, F1 72 / M3, H7 400 / M7.)
Package Architecture Overview
(Diagram of the package layers.)
• SBSFU Application (Secure Bootloader & Secure Firmware Update): Secure Boot, security activation, local FW loader (option), new FW detection, secure FW update, FW version management, error management / recovery procedures, secure image
• Secure Engine Middleware: Secure Engine protections, Secure Engine interface, call gate entry point, crypto for bootloader functions, helpers
• User Application (basic user application): FW download, user code, User Appli Boot.Info example, examples
• Drivers: Hardware Abstraction Layer API, Board Support Packages, CMSIS, STM32l4xx / STM32f4xx / STM32l0xx / … / STM32f0xx, CommIF_HW_X / CommIF_HW_Y
• HW Components / Development Boards: STM32 Nucleo Board, X-NUCLEO Expansion Board (CommIF)


X-CUBE-SBSFU Ecosystem Overview
(Diagram.)
• OEM side: SFU Encrypt & Sign Python scripts, SFU keys preparation, SFU FW header; OEM FW V2 is built in the development IDE as a clear binary and turned into an encrypted binary with a nonce (IV)
• Device side: SBSFU with the Secure Engine (isolation, SFU keys, i.e. the OEM firmware authentication/encryption keys), protected by WRP and RDP L2; the OEM firmware runs from user flash
• Secure OEM-FW image update from OEM FW V1 to OEM FW V2: SBSFU local download (Tera Term over the UART I/F, Ymodem protocol) or User Application download (Tera Term, UART I/F, Ymodem protocol)
• Could be replaced by an IoT server and OTA download in an IoT device


Firmware Image Programming
(Diagram; each column shows the flash layout: Secure Engine, SBSFU, slot #1, slot #0, swap area.)
• Dual image mode of operation: slot #0 holds active firmware #A with FW header #A; slot #1 receives encrypted FW image #B with FW header #B; after installation slot #0 holds active firmware #B with FW header #B and slot #1 holds the backed-up FW image #A with FW header #A; the swap area is used during the exchange
• Single image mode of operation: slot #0 holds the active firmware with its FW header, plus the swap area
Component Deployment Model
• UserApp: sample user application (mutable firmware: this is the updated FW)
• SECoreBin: the binary running in the secure enclave (isolated execution
environment)
• SBSFU: the Secure Bootloader with Secure Firmware Update capability
• Secure Engine, SECoreBin and SBSFU are tightly coupled
(Diagram: the SBSFU project compiles the SBSFU core, se_interface (se_interface_xxx.o) and the low-level components; the SECoreBin project produces SE_Core.bin, which contains the Secure Engine and its low-level APIs.)


Security Layering

Types of Protections

Chain of Trust

Protected Processing

Secure Enclave: Secrets Storage


Non protected areas...
• The FLASH slots storing the User Firmware Images are not protected
– Only the header of the active slot is protected by the Firewall
• The Active Firmware Image can be altered: SBSFU does NOT prevent this
– After altering the Active Firmware Image you can install any valid FW
version
– This is a way to re-install version N-1 despite the ‘anti-rollback’ check at
installation stage
• Slot #1 can be altered too
– Denial of Service is possible (no rollback possible)
• A lot more things can probably be done
SBSFU is an example (the security grade is unknown)
SBSFU is for free (available on st.com)... security is not...
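Added example in Python (not SBSFU code) contrasting the version check the slide describes with the usual hardening: the reference version is kept as a monotonic counter outside the writable slots instead of being read from the active slot's header. The counter is assumed to live in storage that the user firmware cannot write; a plain object stands in for it here, and a "valid" flag on the header stands in for a failed authentication of an altered image.

```python
def active_slot_version(active_header):
    """Reference version read from slot #0.  A header that no longer
    authenticates (constructed 'valid' flag) yields no reference at all."""
    if active_header is None or not active_header["valid"]:
        return None
    return active_header["version"]


def accept_by_active_slot(candidate_version, active_header):
    """Anti-rollback as described on the slide: compare with the active image.
    Once slot #0 has been altered there is no reference, so the check
    degenerates to the first-install case and any valid version is accepted."""
    reference = active_slot_version(active_header)
    return reference is None or candidate_version > reference


class ProtectedMinVersion:
    """Hardened variant: a monotonic minimum version kept outside the slots
    (assumed to sit in storage only the secure boot code can write).
    It is only ever raised, and only after a successful installation,
    so altering slot #0 or slot #1 does not reset it."""

    def __init__(self, initial=0):
        self.min_version = initial

    def accept(self, candidate_version):
        # Re-installing the current version (recovery) stays possible;
        # anything older than the counter is rejected regardless of slot #0.
        return candidate_version >= self.min_version

    def commit(self, installed_version):
        self.min_version = max(self.min_version, installed_version)


if __name__ == "__main__":
    altered = {"version": 2, "valid": False}      # constructed: slot #0 tampered
    print(accept_by_active_slot(1, altered))       # True: downgrade slips through
    counter = ProtectedMinVersion()
    counter.commit(2)
    print(counter.accept(1))                       # False: downgrade blocked
```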



The NUCLEO-L476RG

DEMO Project Setup
(Screenshot: Bootloader Demo project.)
Secure Bootloader Best Practices
• Start your secure bootloader design early!
• Remember that security isn’t free
• Select a microcontroller that supports security
• Lock the flash security bits to protect the bootloader and application
– Secure boot should be immutable
• Securely store private keys
• Clearly identify up-front the level of security that is necessary for the bootloader
• Develop a chain of trust
• Use signatures to authenticate the firmware source



Going Further
• Download beningo.com resources
– C Doxygen templates
– RTOS Best Practice Guide
– Bootloader White Paper
– Bootloader Design Techniques Course
• STM Resources
– X-CUBE-SBSFU



Questions
