 unique boot entry. First let's talk about the boot configuration. Reminder, on all the STM32 you could boot from. User flash memory, embedded bootloader, or SRAM. Using ADP2, you restrict to boot from user flash memory. I invite you to have a look in the ADP chapter. But we've got additional feature. On the STM32 G0, G4, and L5, we've got mechanism to ensure we boot from the user flash memory even in ADP1. On the STM32 H7, we've got a mechanism closely linked with the secure memory and the root security system. Though I propose we go in detail for those. Let's start with the boot configuration on the G0, G4. First we test an option byte and boot cell. Depending on its value, then we will test the boot zero pin or the end boot zero bit, which is an option byte. If we test the boot zero pin, if it's zero, then we boot from main flash memory. If it's one, we test another option byte with the end boot one bit, and then we boot from embedded SRAM or system memory. The end boot zero bit is tested also, and if it's zero, we then test the end boot one bit option byte. But if it's one, we boot from the main flash memory. This is the boot configuration for G0, G4, classical, I would say. But we've got this additional feature. It's another option byte bit, which is a boot log bit. If this one is set, you boot to the main flash memory, whatever the end boot cell, boot pin, and end boot G0 or end boot G1 bit. The purpose is to lock the boot on the user flash, whatever the boot configuration. If boot lock is set to one, the device boot on the user flash, whatever the state of the end boot bit or pin. The boot lock can be changed from zero to one. I mean, we can activate it when we are in ADP zero or in ADP one. But if you want to change it from one to zero, I would say to remove this functionality, you can only do it in ADP level zero. So if you are in ADP one with a boot lock set, the only way to go back from this is to make a regression from ADP one to ADP zero, which implies a math errors. Then you can change the boot lock value once you are in ADP zero. Let's switch now to the boot configuration of the L5 when trust zone is activated. In this case, there is a test on an option byte end of to a boot zero. If it's one, then there is a test on the boot zero pin. If it's zero, there is a test on an option byte end boot G0 bit. If the pin is set to zero, we boot to the second boot address. I mean an option byte which contains this value. If it's one, we boot to the embedded boot loader, which is also called ASS in the case of the L5. Then if we test the end boot zero bits, if it's one, we go on the RSS. If it's zero, we boot to the second boot address. The additional mechanism is similar to the G0 G4. There is a boot lock bit and if it's to one, we boot to the second boot address. And this option byte is locked. That means you can't modify this second boot address. So you have to set it before activate the boot lock bits. The purpose is the same. Lock boots on user flash whatever the boot configuration. If boot lock is set to one, the second boot address option byte can't be modified. And the device will boot on the second boot address for sure. It can be changed from zero to one in RDP zero RDP one, but caution, boot lock can't be clear even if you are in RDP zero. That means when you activate this functionality with RSS activated, then you can't remove it. About the boot configuration of the H7. Just test the boot pin and if it's zero, you boot to the boot address zero. If it's one, you boot to the boot address one. So boot address zero and boot address one are option bytes and the content is the address what you want to boot. The additional feature is a little bit different here. It just you activate the security. So if you activate the security, then you will boot to the RSS with the embedded bootloader with some security features. And this one will select to boot on the secure memory area. And this secure memory area is defined in the option byte sec area start one or sec area start two because there is two region possible. Here, this is closely linked to the secure mem definition. So I don't give you much more detail here and I invite you to have a look in the secure memory chapter. So to sum up with the H7 when security is activated and secure memory is defined, the STM32 will always boot on this secure memory. The only way to modify this is to do a RDP one to RDP zero regression, which implies a flash math errors. The detailed description will be addressed in the secure user memory part. The availability of this feature across all the STM32 family, we've got the STM32 L5, the H7, G0 and G4. Usually I try to do some hands on for each chapter. For this one, I decided not to do some chapter, some hands on sorry, because it's a little bit not dangerous, but you can easily break your device if you define unlock the address when you want to boot and you are in the RDP one. This is the end of this chapter. Thanks for your attention.