 Hello, and welcome to this presentation of the STM32WB Cortex-M0 Plus security features. The Cortex-M0 Plus security manages the firmware and peripheral security, and is used to authenticate the ST radio firmware, and allows the secure handling of cryptographic keys. The Cortex-M0 Plus security uses secure options to control flash memory, SRAM 2, and debug security. The AES encryption machine, private key accelerator, and true random number generator are peripherals whose security is managed dynamically by the secure Cortex-M0 Plus core through secure register bits in the system configuration block. The Cortex-M0 Plus security is based on giving exclusive access to a secure area in flash memory and in SRAM 2A and SRAM 2B. Additionally, peripherals such as AES1, AES2, private key accelerator, and true random number generator can be made secure to allow secure cryptography and key generation. The secure memory areas and peripherals are not accessible by the Cortex-M4 and neither through the debugger. The Cortex-M0 Plus security is completely handled by the Cortex-M0 Plus itself. At STM32WB production, the Cortex-M0 Plus security is enabled after the root security service or RSS firmware has been programmed into the user flash memory. Any subsequent Cortex-M0 Plus firmware update, connectivity stack or RSS is handled by the RSS and modifies the Cortex-M0 Plus security parameters as needed. The AES2, PKA, and RNG security is fully handled by the Cortex-M0 Plus whenever needed by the Cortex-M0 Plus firmware. The AES1 key security is also managed by the Cortex-M0 Plus when requested by the Cortex-M4 application firmware. The Cortex-M0 Plus security is controlled through secure user options loaded at device startup in the secure flash register and secure RAM and reset vector register. The secure user options can only be modified by the secure Cortex-M0 Plus. In other words, to change parameters when a secure Cortex-M0 software is updated. The non-secure Cortex-M4 has read access to the secure user options to be able to determine the start of the secure areas. Memory security is enabled and configured by secure user options. The flash security disable bit enables the global Cortex-M0 Plus security. The secure flash start address defines the start address from which the flash memory is secure. The backup RAM security disable bit controls the security on the backup RAM and the secure backup RAM start address defines the start address from which the backup RAM is secure. The non-backup RAM security disable bit is used to enable security on the non-backup RAM and the secure non-backup RAM start address defines the start address from which the non-backup RAM is secure. The debug access to the secure areas is controlled by the debug disable security bit. The enable security environment bit is a read only bit as the security is always enabled on the Cortex-M0 Plus core. The top of the memories can be secured for exclusive Cortex-M0 Plus access. The top of the flash memory starting from the secure flash start address is secure when the flash security disable bit or FSD is set to zero. The top of the backup SRAM 2A starting from the secure backup RAM start address or SBRSA is secure when both the flash security disable and backup RAM security disable or BBRSD bits are set to zero. The top of the non-backup SRAM 2B starting from the secure non-backup RAM start address or SNBRSA is secure when both the flash security disable and non-backup RAM security disable or NBRSD bits are set to zero. It is possible to only secure the flash memory without any RAM security however it is recommended to secure both the flash memory and RAM used by the Cortex-M0 Plus software. The Cortex-M0 Plus boot reset factor is to be programmed in the secure boot reset vector option and secure CPU 2 option. At production the Cortex-M0 Plus boot reset vector points to the root secure service start address in flash memory. In secure mode the Cortex-M0 Plus boot reset factor can only be changed by the secure Cortex-M0 Plus side. Cortex-M0 Plus debug access is controlled by the debug disable option bit. It is independent from security and can be enabled and disabled in both secure and non-secure modes. In secure mode debug access control can only be changed by the secure Cortex-M0 Plus side. The STM32WB has a single flash memory for both the Cortex-M4 and Cortex-M0 Plus software. The Cortex-M0 Plus security prevents secure flash memory pages from being erased by the non-secure Cortex-M4. A Cortex-M4 flash mass erase operation will be rejected and a multiple block erase has to be used to erase the Cortex-M4 software. When regressing the read protection from level 1 to level 0 only the non-secure part of the flash memory will be erased. The secure Cortex-M0 Plus software will be retained. The complete flash memory is mass erased and the security is removed only when regressing the read protection from level 1 to level 0. In this case the ST radio stack authentication and security is lost and can no longer be programmed. The AES accelerator 1, AES accelerator 2, public key accelerator and true random number generator peripherals can dynamically be made secure by Cortex-M0 Plus firmware through secure register bits in the system configuration block. The AES-2 public key accelerator and true random number generator peripherals provide full peripheral security. The AES-1 provides only key security which allows the application running on the Cortex-M4 to use cryptography with a secure key. Secure key storage is provided by the Cortex-M0 Plus firmware. The Cortex-M4 may read the peripheral security bit to determine its security status. The radio stack running on the Cortex-M0 Plus provides cryptographic key management to the application. The cryptographic keys are generated and stored on the secure Cortex-M0 Plus side using the cryptographic key storage or CKS. The ST-M32WB includes a pre-programmed RSS which allows the secure Cortex-M0 Plus software to be updated. Both the radio stack software and the RSS itself can be updated. Secure software can be downloaded via in-circuit programming by the system bootloader or via in-application programming by an application bootloader including over-the-air or OTA. Secure Cortex-M0 Plus software update is possible in all read protection levels, 0, 1 and 2. This slide lists the events generated by the Cortex-M0 Plus security feature. Events are only generated to the non-secure Cortex-M4. Reading on the Cortex-M4 access type, a bus error is generated to the non-secure Cortex-M4. Reading secure areas returns zeros. Only the secure user options and system configuration peripheral security enable bits can be read by the non-secure Cortex-M4. In addition to this training, you may find the flash memory interface and system configuration modules useful.