ST AN3429 Application note

AN3429

Application note

STM32 proprietary code protection overview

Introduction

Software providers are developing complex middleware solutions (Intellectual Propriety (IP) code), which needs to be protected.

This IP code must be available as a plug-in in the end-user applications to build the complete solution. The global protection mechanism limits access to it via a dedicated application programming interface (API), while preventing any read access.

This application note provides an overview of the mechanism used to protect proprietary code from possible read out by the end-user code, debugger tools or RAM Trojan code. This mechanism provides a full API so the IP code can be easily called by the end-user application and still be protected against direct access to the IP code itself.

The proposed solution is based on the MPU features and a special memory and peripheral management mechanism from the end-user application and the IP code.

In the STM32 proprietary code protection method, two levels of protection are used:

●Global Read Out Protection (Global ROP): IP code and end user code are protected against direct reading (by debugger tools or RAM Trojan code) through STM32 ROP.

●IP code Read Out Protection (IP ROP): IP code protected against end user code (possible Trojan code) through the MPU.

As, once the global ROP is activated, the user no longer has full control of the Flash for programming, the primary application (IP code) must also embed an IAP Layer. This IAP allows loading the end-user application without compromising the protected code area.

For more details about the complete solution, please contact your local ST sales representative.

July 2011

Doc ID 019008 Rev 1

1/5

www.st.com

Contents	AN3429

Contents

1	Code protection overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	3
2	Revision history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	4

2/5	Doc ID 019008 Rev 1