First, let's experiment together with the SBSFU functionalities. Throughout this hands-on, we will use some scripts, so I advise you to keep an explorer window open on this folder: STM32 secure WS, TFM script.

First, let's talk a little bit about the TFM Nucleo-L5 flash memory map. In the secure portion of the flash, we will have our SBSFU boot and our TFM application secure primary slot, that means the execution slot. And in the non-secure part of the flash, we will have the TFM appli non-secure execution slot. And we've got the slots for the download of the new version of the TFM appli secure and the new version of the appli non-secure.

So the first thing we have to do before flashing any binaries is to configure the option bytes of our device. We will set TrustZone enable to activate the TrustZone functionality. We will also set the flash watermark to set this portion of flash as secure and this portion of flash as non-secure. We will also set the sec boot address, where we will boot after reset, and also the dual bank flag and the SRAM 2 non-reset flag. Here you can see the traces of the script.

So, step one. Let's do it together. This is my explorer window, the folder STM32-CQWS-TFM script. Let's launch the step one script, step one prepare L5 for tfm.bat. You can see some warnings and you can ignore them. Those warnings are here because I try to set a value that is already at the right value, so it was not modified. But nothing else. So your device is ready to receive the pre-compiled version of the TFM.

So the next step: we need to flash them. We have 3 binaries to flash: the TFM appli non-secure plus its metadata, mainly the signatures, the same thing for the secure application, and the SBSFU boot. You may wonder why this order; in fact it is the opposite of the order of execution. That means when I reset, I will boot on the SBSFU boot, which will load the TFM appli secure, which will load the appli non-secure.
So it's a good way of working to flash them in this order. That way you ensure that when you boot with the TFM SBSFU boot, all the rest of the application is there. So we will launch step two to flash this pre-compiled version. We will check those traces together. Then we will launch the terminal, push the reset button, and we should see the TFM traces on the terminal. So I can close this window.

Let's flash the pre-compiled version. First we can see the non-secure application with its signatures. Then the secure application. As you can see, it's bigger. And the last one was the TFM SBSFU boot. Good. Let's launch our terminal window. And now I will press the reset button of my board.

So here are the traces. Let's have a look. Starting bootloader. Here you've got port and not supported. Those traces appear when your device is empty. If you press reset again you won't see them, because it was some non-volatile counter that was not set. So they initialize all the static values. Then we've got some counters, counter three and counter four. In fact, these reflect the version number of the secure application and of the non-secure application. At this moment, none of them are installed. We are in version zero. Then we will discover that we've got something ready and we verify the signatures. This is a secure application. And we set counter three to the value one to say: okay, we've got a secure application with a version one that is now installed. The same thing will be done for the non-secure application. Then everything is ready. Then we will jump to the secure application, which will call the non-secure application.

Okay. So mainly, now we are ready to play with all this stuff. Let's come back to the presentation. First, we will select the download of a secure image: first we will select download a new firmware image, then download a secure firmware. Here we will use the Ymodem, thanks to Tera Term. And we will select a version two that I prepared for you.
As you can see, there are two versions of the TFM secure signed binary. We've got the TFM S for secure encrypted sign V2, and you also have the TFM secure sign V2.bin. So in one version the firmware is encrypted, and in the other one the firmware is not encrypted. Both are signed, for sure, but one is an encrypted version and the other one is not encrypted. I will do it with the encrypted version, but you can also select the non-encrypted version.

You may wonder how it works, how the SBSFU can detect whether it's encrypted or not. In fact, there is a flag inside the header, and the key that is used to encrypt this firmware is also embedded in this one. And this key is itself encrypted in an asymmetric way, so it can be decrypted only by the SBSFU, and then it can be used to decrypt the firmware. Once we have done this, we will see that the download is successful, and then we will trigger the installation and I will explain the different traces to you.

So let's come back to our application. We decided first to download a new firmware, so I press 3. Then I want to download a secure image. So now my application is waiting on the Ymodem. So I select File, Transfer, Ymodem, Send. By default you should be at the right location, which is a application Tfm for Workshop Archive. And there you've got many binaries. So let's take the right one. We want the Tfm secure to.bin. You can also use this one if you prefer, Tfm secure, but this one is not encrypted. So you will see that from a functional point of view it will finish with the same value install and it will be a version 2. So let's take this one; I open, and the download is started.

So here everything is happening only in the non-secure world. We've got a non-secure application; we embedded the downloader that will push the image into the download slot, which is in the non-secure area. And now, to trigger the installation, we need to have a reset.
So we can press 1, or you can press the reset button, because the installation will be launched by the SBSFU boot, which will be executed at start. So let's press 1 and let's check the traces together.

So here, first, we've got the 2 versions I already told you about: the secure application is still version 1 and the non-secure application is version 1. Here we've got a swap test; that means it detects there is something in the download area and it will test it. Those traces are in fact the key that will be used to decrypt the firmware that is encrypted. So if you have selected the non-encrypted version of the firmware you won't have those traces.

Then you verify the counter. You say: OK, it was a version 2, I was in version 1, so it's OK, I'm going to an updated version, so it's allowed. If you try to downgrade, you can still flash at the same level, I mean version 1 with version 1, but once you have installed version 2 you can't install version 1 any more. This is the anti-rollback mechanism. The counter is OK, then you verify the signatures, OK, so it will upgrade the secondary slot. The swap type none here is just to indicate that it didn't detect a new version of the non-secure application, because we can update both at the same time, but I prefer here to decorrelate them.

So to install it, it will erase the primary slot, so the slot of execution, it will decrypt the version, then it will copy from the secondary slot, the download slot, to the execution slot, and then it will set the counter to version 2. OK, then it will say here that the installation is finished, and now it goes to the classical bootloader: it will check the counter, it will check the signatures of the secure application and of the non-secure application, and jump. In this version 2 I added traces in the source code; that way you can see you have really updated the secure application. So here you've got the sum-up of what I've just told you.
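The update decision described above (counter check, then signature check, then copy and counter update), as an added example that is not part of the original talk and is not SBSFU source code. It is a simplified C model; the names `image_t` and `try_update` are hypothetical and the sample images are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the update decision in the talk; names are hypothetical,
 * this is not SBSFU source code. */
typedef struct {
    uint32_t version;       /* version carried in the image header */
    bool     present;       /* an image is waiting in the download slot */
    bool     signature_ok;  /* outcome of the signature verification */
} image_t;

typedef enum { UPD_NONE, UPD_INSTALLED, UPD_REJECT_ROLLBACK, UPD_REJECT_SIGNATURE } upd_result_t;

/* One image (secure or non-secure) with its own monotonic version counter. */
upd_result_t try_update(uint32_t *counter, image_t *primary, image_t *download)
{
    if (!download->present)
        return UPD_NONE;                 /* nothing new for this image */
    if (download->version < *counter)
        return UPD_REJECT_ROLLBACK;      /* older than the counter: refuse */
    if (!download->signature_ok)
        return UPD_REJECT_SIGNATURE;     /* never copy an unverified image */
    *primary = *download;                /* erase primary, copy from download slot */
    download->present = false;
    if (download->version > *counter)
        *counter = download->version;    /* counter only ever moves forward */
    return UPD_INSTALLED;
}

int main(void)
{
    uint32_t counter = 1;                /* constructed state: version 1 installed */
    image_t primary = { 1, true, true };
    image_t v2 = { 2, true, true }, v1 = { 1, true, true }, bad_v3 = { 3, true, false };
    static const char *names[] = { "none", "installed", "reject: rollback", "reject: signature" };

    printf("v2     -> %s\n", names[try_update(&counter, &primary, &v2)]);
    printf("v1     -> %s\n", names[try_update(&counter, &primary, &v1)]);
    printf("bad v3 -> %s\n", names[try_update(&counter, &primary, &bad_v3)]);
    printf("counter=%u running=v%u\n", (unsigned)counter, (unsigned)primary.version);
    return 0;
}
```

The same function is meant to be called once per image, each with its own counter, which matches the separate counters for the secure and the non-secure application mentioned in the traces.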
Let's do a similar thing for the non-secure application. The principle will remain the same: you can also use an encrypted version or the unencrypted version, and we will see that we've got similar traces. Let's do it. So this time I want to download a new firmware, so tap 3, the non-secure application, tap 3, and then File, Transfer, Ymodem, Send, non-secure encrypted signed version 2, and I open. For the moment we've got a user app named user app A, and version 2 will be user app B. So as you can see, the download is OK, and now we can trigger the installation. As I said previously, we can download both images and do just one reset to upgrade both images at the same time, but here I just decorrelate them.

So this time I will press the reset button, and you've got something similar. Swap type none first, so that means it has not detected a new version of the secure application. For the non-secure application, here you've got the encryption key. You verify the counter: here we've got the secure application in version 2, the non-secure application is version 1, and here we upgrade the non-secure application to version 2. The signature is also OK in the download slot, so OK, we just copy it, check the signatures again and install them, and now you've got a user B application. OK, so I showed you how, from a functional point of view, we are able to upgrade the secure application and the non-secure application.

Now I would like us to experiment together with the test protection menu, specifically the non-secure trying to access the secure, and after that we will do the same with the test TFM. So here I just click enter 1, so test protection, non-secure tries to access secure, and here we can see the successive resets. We've got this result, so the test is OK. Let's have a better look. We try to read 1 byte from the secure data at this location, and in fact it fails, OK, and this triggers a reset. So our SBSFU is booted again; it launches the secure application, which launches the non-secure application. The non-secure application doesn't display the usual menu because, thanks to a variable in SRAM, it can see that it was testing this functionality, and it launches the next test, which tries to read another byte at this location. Again a reset. Here we try to read at this address, which is a secure address for sure, again, and each time it will give you a cumulative result. Here, quite simple.

Now let's test the TFM. So if I press 2 here, it should remind you of something: the PSA API on the TFM secure services. So the 3 ones are crypto ones for sure, SST for secure storage. You remember, secure storage is when you need to encrypt the data before storing it, because the storage is not protected by hardware protection. Then we've got the attestation token. Remember the token: you give a value and you will receive this value concatenated with some other values of the system, which will be signed. Internal trusted storage, this time, stores the data inside a location that is hardware protected, so no need to encrypt. And then some short services. We can launch all those tests with 0. Let's do it, and you directly get the status. So encryption OK. SST: we set, we read, and we remove from the storage. For the token test, or the attestation token test, we give a token of 000, concatenate it with some information of the system and then sign it. Internal trusted storage. And you've got a cumulative result, 12 out of 12, and that's it, mainly, for this first part.

So where do we stand now? We experimented together with how to flash a new version, or to install a new version, of the TFM appli secure and of the TFM appli non-secure. We also experimented with some service code thanks to the tests embedded in the user app. So this is really the functionality that is brought by the full TFM: a secure boot, but also secure firmware update and secure services. Next possible hands-on: we will compile and debug, then we can activate some hardware protection, the HDP and the HDP0.5. If you want to stop and you don't want to go on with the rest of the hands-on, please jump to the board cleanup slide to put your target back as it was at the beginning of this hands-on.