By providing code for security mechanisms such as OP-TEE (Open Portable Trusted Execution Environment) and the TF-A (Trusted Firmware-A) project, ST helps STM32MP1 developers address the concepts of information security in their applications: confidentiality, integrity, availability, and authenticity verification. In addition, ST has extended the roster of Authorised Partners in embedded security with Sequitur Labs.
Sequitur Labs’ EmSPARK Security Suite for STM32MP1 is able to streamline firmware development implementing protective techniques such as secure boot and device authentication.
The EmSPARK Security Suite works with the Arm TrustZone architecture integral to the STM32MP1 and assists with secure provisioning to simplify deploying connected devices while keeping secrets safe. It has been optimised for applications such as industrial control, building automation, smart-home equipment, machine vision, automotive communication, and medical devices.
These new resources join the STM32MP1 ecosystem alongside solutions from Authorised Partners that include: Prove&Run, TimeSys, and Witekio, which provide reliable and field-tested solutions to security-software development challenges.
ProvenRun helps STM32MP1 customers integrate security in their design by providing custom security engineering services (secure boot, secure firmware, OP-TEE) and more advanced solutions leveraging on ProvenCore, a secure OS that has been certified.
The TimeSys Vigiles Vulnerability Management Suite is embedded in OpenSTLinux and watches for relevant vulnerabilities that open devices to cyberattacks. Vigiles also provides remediation information for device lifecycle management.
Witekio’s FullMetalUpdate open-source over-the-air (OTA) solution helps IoT platform operators manage their own OTA updates, combining security with flexibility and economy.
ST has also revealed details of software expansion packages tailored for STM32MP1 that help customers leverage AI in computer-vision projects and accelerate development of predictive-maintenance applications. These include X-LINUX-AI, an OpenSTLinux Expansion Package that targets Artificial Intelligence for STM32MP1 microprocessors. The package contains Linux AI frameworks and application examples to help users quickly begin implementing computer-vision use cases with STM32 Evaluation Boards and Discovery Kits.
To accelerate development of predictive-maintenance applications, the X-LINUX-PREDMNT expansion package helps implement edge gateway features between sensors and cloud services. It contains functions for sending processed sensor data to the IoT cloud, visualizing data on the dashboard, and analyzing the data to detect conditions that may indicate the need for maintenance intervention. X-LINUX-PREDMNT also includes the AWS IoT Greengrass Edge Computing service.
ST has also added safety documentation and a self-test library software package, X-CUBE-STL, that suit building and certifying functional-safety systems to IEC 61508 safety integrity levels SIL-2 and SIL-3.
Leveraging X-CUBE-STL and the separation concept of STM32MP1’s dual-core architecture, developers can cost-effectively separate the safe partition -- managed by the Arm Cortex-M4 core -- from the non-safety-related application on the Arm Cortex-A7, helping to accelerate time to market for factory automation, battery management, meters, and medical devices.