 Hello, everyone. Bob Waskiewicz from ST Microelectronics, staff engineer here with the final video episode of our nine part video series on the STM32L5 trust zone. In part nine, we're going to discuss two methods of deactivating the trust zone, and then we're going to actually deactivate the trust zone from the previous hands on using method number one. So hands on number four, we're going to turn off the trust zone using, I'm going to describe two methods. We're going to use method one. Method one is just the normal way of things are going well. Method two is if it's like, oh my God, I ripped the device. So we'll get into both of them. Basically what needs to be done is you have to set the read protection level, which I just talked about, level point five or level one. And then the reversion of the trust zone and the read protection level have to occur during the same sequence. And there's some power sequencing involved, and we'll get into that in details in a few slides. I'm going to describe the two methods with slides, and then we're actually going to perform method one. So when I say that the L5 trust zone is correctly configured, this means that the call from the secure to the non-secure application is working. What this allows is it allows you access to the option bytes to be able to change them. If the secure side never calls the non-secure side, the option bytes are secure. Remember, all flash is secure, so it's protected. And you won't be able to change the RDP level until you get that right. So in addition to this, the power source for the board needs to also be independent from the ST link. Because what happens during the reversion is there's reset set to the ST link that need to occur. And if the power is interrupted, which happens sometimes when you try to control a debugger and power from the debugger and control the debugger. So we're going to use the Type-C cable to power the board, and then we're going to use the ST link, V2, USB to set the option bytes and revert the board. So these are the steps to go through, one through six. We're actually going to do them in the hands-on, so you can refer to these later. But right now, this is just for reference. So method two, as I alluded to, is for when you think you've actually brick the board. And in the case of method two, when I say the trust zone is incorrectly configured, so if you set the trust zone and you enable re-protection level one with no code in the flash, you've kind of bricked it from a normal perspective. However, we can revert that. If the T then is one and the RDP equals one were set and all flashes secure, you also can't revert because you can't get to the option bytes. So the recovery begins by changing the boot mode, which I alluded to when we're talking about system loader. There is a physical pin, pH 13 boot zero on your nuclear board. And if you look at the edge connector, it'll identify it as boot zero, pH 13. That pin tied to VDD during a power-on reset will invoke the system loader. And if the trust zone is enabled, not only will it invoke the loader, but it will invoke the RSS. And that's how we're going to recover from what we think is a non-recoverable. So one of the nuclear boards, you have on the four corners on the bottom side, there's some burg jumpers on some ground pins. So in theory, you would take one of those jumpers off and then you would connect this pH 13 boot zero to VDD. They're both side by side. And then this boots into the RSS and then allows the option bytes to be released. Then you can do what we're going to do for method one. You can change it to RDP one. If it is already RDP one, you can revert it back and change the trust zone enable bit at the same time. So that's how you would get it back. And again, these are the physical steps that we're going to use, but we're not going to do method two. We're going to do method one. So just here's for a reference, if you do, get it into that. Okay. The final hands-on of the nine-part video series, we're going to use method one to deactivate the trust zone. All right. Here we go with reversion. The first thing we need to do is change the power source. So we're going to move the jumper on JP six from the right side from the SP link to the five-volt USB C cable. In method two, you would set the little jumper on the left-hand side as I alluded to, but we're not going to do that. We're going to use the type B cable to connect the ST link as we've always had. And now we're going to add the type C cable from the USB port at the bottom of the nuclear board to the PC. So we have the ST link connected, and we now have power through the USB type C. We're going to go ahead, as we've done in the past, and connect to the CUBE programmer. So ST link as the default, we're going to hit connect. We can see the messages, and we know that we have the board connected. Okay. So we're going to play with the option bytes. So the first thing we're going to do is select the option byte icon, which is going to open the option bytes, which we used previously to set the trust zone enable and the secure watermarks for flash one and flash two. So I'm saying to confirm that right now you have the blinking LEDs on your board, meaning that the blue and the green are toggling, which I know then that the secure program is, the secure side is calling the non-secure side. So you hit the reset button and you should see the lights toggling on your board. Next thing we want to do is change the readout protection from the level zero to that level one I referred to. So we're going to hit the readout selection. The default is AA, which is open. We want to change that to DC. And once we do that, we want to then hit apply. So after hitting apply, what's going to happen is you're going to get these messages, and this is where the scary part is. It's like, you know, enabling the RDP with the trust zone active, you can get to a point where you break it, but again, you could always recover through the RSS. So we're going to OK this brick warning. Are you really, really sure we want to OK that one as well? And then once it goes through and does it, you're going to get an error reloading the option bytes. This is normal because of the fact that once you set the read protection, you have to do a power on reset in order for things to actually take effect. This is a security feature when you physically have the JTAG connected to the L5 or any of the STM32s. So again, error uploading the OBS option bytes, you're going to get that error. So when the RDP level is set and needs a power on reset, it's a security feature. So what you're going to do is also look at your LEDs. They've stopped toggling. Nothing's actually working on the board. So to perform the power on reset, we're going to unplug the USB type C cable because that's applying power to the board. I'm going to plug it back in. Just recycle power. The secure and the non-secure application is going to start executing again, and the LEDs are going to start blinking. So once we cycle power, the LEDs are blinking, we're going to select read of the option bytes. I did this on purpose so that you can see that the physical connection between the CUBE programmer and the STM32 DL5 was broken. So we're basically going to have to reconnect again. So go ahead and OK the warning. So after you OK the warning, the default connection part will be the ST link. Again, hit connect. The RDP1 is now active, so you're going to get an error reading the date of the flash memory because that's what it does, the protection from reading the flash memory. You're going to OK that message. The SWD is connected, and the option bytes can be modified because in RDP level one, the option bytes are not protected from being changed. Now we have the ability to change the option bytes. So we're going to select the readout protection. We've actually changed it from AA to DC, so now the default's going to be DC. We want to change it back to AA, so select AA. We then want to open the user configuration tab bar, whatever you want to call it. This is where the D bank is enabled one, which we're going to leave as default because we want to keep the split banks as they are. But we want to disable the trust zone bit, so we want to uncheck the trust zone enable bit. We're going to apply these two operations, so both we're going to know are going to be sent at the same time to the SCM32L5 from the Q programmer. In theory, you could also do this within the application, so another whole other hands on to do that, but you could do it as well from the internal. So the next thing we're going to need to do is OK the option byte successful message coming back. So the option byte page is going to redraw itself because if you remember when we set the trust zone bit, the secure watermarks showed. So when you unset it, the secure watermarks go away. If you do the pull downs, you can check the trust zone enable is zero, the RDP is AA. So things have been reverted, trust zone's turned off. So how do we know that the SCM32L5 has been erased and that trust zone has been disabled? Well, you looked at the previous trust zone enable bit, but you can go back to the file editor, select the voice memory, and you can do select or add the actual memory range and to see zero, zero thousand or eight, zero, zero thousand and then select read. So that'll then actually go out to the device and you'll see that all the memory is full of FS. So that's how you revert when the secure side is calling the non-secure side and things are good. So this concludes the hands-on session number four. And method two would be the method you would use if you do the bricking, which you think you bricked when you had to invoke the RSS. So you can try that at your own pace. So I'm going to thank each of you for taking the time to sign up for this virtual hands-on and getting SCM32L5 nuclear board and following me for the last two hours. So what did we learn today? So we introduced the L5 device with the Cortex M33. We learned that all SCM32L5s include the trust zone, so you either turn it on or you turn it off and the factory default is off. When you enable the trust zone, the secure only application, only a single IDE project. When you have concurrent secure and non-secure applications, it's going to be a dual project setup. The IDE needs to be aware. So we used IAR, but again, Kyle and the Cube IDE have their own configurations. And when you disable the L5 trust zone, there's two methods, one where you're normally working. And typically, once you set the trust zone, you don't really need to turn it off as long as you don't set the re-protection. And the method two, if you think you're at a point where you totally can't communicate and invoke the RSS, you can go ahead. I want to thank you for taking your time. If you spent on all nine videos or just some part of the videos. If you need additional information about the STM32 trust zone, you can go to www.st.com. STM32L5. Again, thank you very much.