Introduction
This document describes the debug authentication (DA) security service. When not specified, STM32 refers to all applicable
products present in Table 1. Applicable products.
The STM32 debug authentication controls product life cycle operations such as regressions (for more details about the life cycle, refer
to the reference manual) and debug reopening:
• Regression
The user leverages the regression service to erase the user firmware and data within the user flash memory, SRAM, and
option-byte keys (OBK) when OBK are supported by the STM32. After a regression, the STM32 falls back to the open product state.
Depending on the STM32 product, there can be several kinds of regression: full regression and partial regression. Refer to
Section 3: STM32 debug authentication services description for more details.
• Debug reopening
The user leverages debug reopening to safely reopen debug access on the STM32 when it is in a product state other than
open.
When the STM32 product state is not open, the user can trigger the debug authentication services by sending a password or a
certificate chain to the STM32 device.
These two options are named the debug authentication methods.
The debug authentication protocol uses the STM32 device debug access port 0 (DAP0) and the DBGMCU IP for
communication.
Figure 1. Debug authentication interface
(Figure labels: Probe, STM32, Debug port / DBGMCU, Debug authentication)
The STM32 debug authentication implements the Arm® PSA ADAC (authenticated debug access control) specification.
The Arm® PSA ADAC protocol is based on the certificate chain and the challenge/response principle.
Table 1. Applicable products
Type              Product
Microcontrollers  STM32H5 series, STM32H7R3/7S3, STM32H7R7/7S7 lines
Getting started with debug authentication (DA) for STM32 MCUs
AN6008
Application note
AN6008 - Rev 2 - May 2024