 Hello and welcome to this presentation on Secure Firmware Update Timing. The TFM-SBS-FU boot application implements the Secure Boot function and the Secure Firmware Update function. The following parameters affect the execution timing of the Secure Boot function, the hardware configuration, the number of firmware images, the number of firmware slots, the firmware image size, the size of flash memory area used to store the firmware image version, the SBS-FU cryptography scheme configuration, the SBS-FU configuration with or without TFM support, the compiler optimization options. Each step of the Secure Boot sequence is detailed on the figure. SBS-FU application initialization, image integrity check, image version check, image authentication, image version update, TFM value computation, and SBS-FU application de-initialization. The activating of the runtime protection and cleaning of the SRAM used by the SBS-FU application are performed during the de-initialization of the SBS-FU application. The Secure Boot function uses cryptographic algorithms which can be implemented in full software or can be accelerated by the STM32U5 hardware cryptographic accelerators. The execution timing of the Secure Boot function depends directly on the implementation of the cryptographic algorithms but also on other system parameters as indicated in the table. The table indicates the time to execute each step of the Secure Boot operation sequence described in the previous slide. The reference SBS-FU configurations used to measure these timings are the following. IDE, Kyle Toolchain MDK ARM 5.31.0 with minus OZ option, the hardware configuration, hardware accelerated cryptographic capability, 160 MHz instruction cache enabled, the number of firmware images, two firmware images, the number of firmware slots, primary and secondary slots. The size of the firmware images, 31 kilobytes and 177 kilobytes. The size of the flash memory area used for the firmware image version storage, 8 kilobytes. The SBS-FU cryptography scheme configuration, RSA 2048 firmware encryption supported and the SBS-FU configuration, TFM supported. This table gives Secure Boot execution timing values for two configurations. The common features for both configurations are Kyle IDE, Toolchain MDK ARM 5.31.0 with minus OZ option, 160 MHz operation, instruction cache enabled on internal memories, two slots. The features specific to configuration number one are two firmware images of 177 kilobytes and 31 kilobytes, RSA 2048 with hardware accelerated cryptographic capability and TFM configuration. The features specific to configuration number two are one firmware image of 76 kilobytes, RSA 2048 with software cryptography and SBS-FU configuration. These two different configurations lead to the same Secure Boot execution timing of 30 milliseconds. Thank you for attending this presentation. You can refer to UM2851 for more details on Secure Firmware Update performance metrics and to the following presentations that detail how TFM works, TFM flash memory footprint and TFM offer in STM32U5.