Electronics > Microcontrollers

STM32L05xxx/L06xxx device errata

(1/1)

girishv:
I am designing a board based on STM32L063C8T6. This is my first attempt to design an STM32 based board for academic purpose. I have been reading the errata for STM32L05xxx/L06xxx devices. I am unable to understand the item "Protection level1 does not work"



What does this mean?

ataradov:
This means your firmware is not fully secure if RDP1 is used. Attacker may attempt to erase the device, which would set RDP0 (full access), but the memories may not be fully erased, so full or partial firmware may be recovered.

If you care about firmware security, you will have to use RDP2, but this is a one way process, once this level is set, it can't be reversed. So, you probably want to make a bootloader first.

georges80:
And is only present in Rev A silicon. So, verify the rev you have before worrying too much about that particular errata.

cheers,
george.

hans:
Sounds like they had a silicon bug or perhaps a glitchability of the chip, where issueing a mass erase while the chip is in protection level 1, does not erase all memory AND reset the protection level to 0.
If any, the protection level reset should be done only when everything was erased, but maybe there is some voltage glitchability where the chip does not and only resets the protection level, thus exposing the program binary.

Or maybe ST screwed up some statemachine and it was buggy in the first place.

Anyhow, if this is for academia, I don't think you'll quickly need code protection, especially if you intend to open source and publish about your design and results.

girishv:

--- Quote from: hans on February 04, 2023, 08:42:29 am ---Sounds like they had a silicon bug or perhaps a glitchability of the chip, where issueing a mass erase while the chip is in protection level 1, does not erase all memory AND reset the protection level to 0.
If any, the protection level reset should be done only when everything was erased, but maybe there is some voltage glitchability where the chip does not and only resets the protection level, thus exposing the program binary.

Or maybe ST screwed up some statemachine and it was buggy in the first place.

Anyhow, if this is for academia, I don't think you'll quickly need code protection, especially if you intend to open source and publish about your design and results.

--- End quote ---
As pointed out by @georges80, it affects only revision 'A' of silicon. I have revision 'Z'.

I have about 200Nos in stock. At this moment, I am trying to build few development boards for in-house projects.

Navigation

[0] Message Index