STM32HSM-V2ML

The STM32HSM-V2 hardware security module (HSM) is used to secure the programming of STM32 products, and to avoid product counterfeiting at contract manufacturers' premises.

The secure firmware install (SFI) feature allows secure downloading of customer firmware to STM32 products that embed a secure bootloader. For further information on this feature, refer to the AN4992 application note available from st.com.

Original equipment manufacturers (OEM) working on a specific STM32 product receive the relevant ST public key to be stored to one or more STM32HSM-V2 HSMs using the STM32CubeProgrammer and STM32 Trusted Package Creator software tools.

Using the same toolchain, after defining the firmware encryption key and encrypting its firmware, the OEM also stores the encryption key to one or more STM32HSM-V2 HSMs, and sets the number of authorized SFI operations for each HSM. Contract manufacturers must then use these STM32HSM-V2 HSMs to load encrypted firmware to the STM32 devices: each STM32HSM-V2 HSM only allows the OEM-defined number of SFI operations before irreversible deactivation.

To best prevent security concerns and ensure that you are using a genuine STMicroelectronics product, purchase STM32HSM-V2 either from STMicroelectronics sales offices or from STMicroelectronics official partners.

Download related software (STM32CubeProgrammer including the STM32 Trusted Package Creator tool) only from the STMicroelectronics official web site st.com.