Topics - Jump To:

• STMicroelectronics Tools Integration

• Cyclone Programming Overview

  • Physical Setup
  • SAP Images
  • Control and Automation ♦
  • Power Provisioning and Measurement
  • Performance Metrics ♦

• ProCryption Security

  • The Encryption Process in a Nutshell
  • SAP Image Encryption Procedure and Features ♦

• Strong Protection, Simple Implementation

_______________________________________________________________________________________

STMicroelectronics Tools Integration

Before beginning, it is worth briefly noting that PEmicro offers integration and features that are geared towards STMicroelectronics devices to help make sure that projects are as obstacle-free as possible while they proceed toward the production programming phase.

• Multilink/Cyclone Debug with STM32CubeIDE from STMicroelectronics
• Option Byte Programming (STM32)
• Support for STMicroelectronics' STM32WB Wireless Stack Functionality

Cyclone Programming Overview

Cyclones are stand-alone programmers that are easy to setup and control. To start we will take a look at how they operate and some extremely useful features they offer.

Physical Setup

• Can operate Independent of a computer
• Controllable from the PC (Ethernet, USB, Serial)
• Consumes Stand-Alone Programming (SAP) images
• Various target programming communications:
  • BDM, JTAG, SWD, USB, etc

Cyclone Can Program Stand-Alone or be Controlled Via PC

SAP Images

SAP images combine all data needed for programming. They are created using an included utility and stored as single files on a PC or or in the Cyclone’s encrypted memory. For example, one essential part of the initial setup process will be selecting the algorithm for the specific STMicroelectronics device being used, and then creating a programming sequence using the specific commands and settings that it offers.

Control and Automation

When programming, Cyclones can be controlled individually or in groups, using one of the Control Suite components: Control Console, Control SDK, and Control GUI. 

• Control Console allows powerful scripted automation
• Control SDK allows custom software to control and automate Cyclones
• Manual control is also available via the Control GUI, including remote access to the Cyclone's screen

Multiple Cyclones Programming in Parallel

Some additional useful features include Dynamic Data and Serialization, as well as Overlay of data. Users programming STMicroelectronics devices on a production line will want to learn more about the Cyclone's powerful serial number capabilities. 

Power Provisioning and Measurement

Cyclone setups that will program STMicroelectronics targets may require different power schemes, depending on the design of the target board, target voltages, and even the device architecture. Cyclones are designed to:

• Optionally power a target before, during, and after programming 
• Source power at many voltage levels, from the Cyclone itself, or an external power supply
• Switch power as required

Cyclone Power Management

Current and voltage can also be measured during operation: 

A much more detailed exploration is available by reading 5 Different Ways to Power a Target with a Cyclone Programmer.

Performance Metrics

Time is money when it comes to production programming, so Cyclones are built to program and verify at extremely fast speeds:

ProCryption Security

Once a company has finished development of an STMicroelectronics project, the next step is often to shift to the production programming phase by sending their newly developed IP to a remote facility where their product will be programmed and tested.

One of the most important features that Cyclone programmers offer is ProCryption security. This allows SAP images, which contain that valuable intellectual property, to be encrypted such that they can only be unlocked by specific Cyclone units, and programmed under specific circumstances.

How might this work in practical terms?

The Encryption Process in a Nutshell

In order to understand how to manage the procedures, it is important to first take a brief look at how PEmicro encrypts programming images using ProCryption Security.

Programming Image Encryption Overview

In the simplest terms: The user will create an ImageKey. This ImageKey will then serve two functions:

1. The ImageKey will be used to encrypt SAP images during the image creation process. These eSAP images can then be safely distributed to a production facility.
2. That ImageKey must also be provisioned onto a Cyclone unit in order for that Cyclone to decrypt those same SAP images.

A more detailed explanation of this process is available by reading Cyclone ProCryption Security: RSA/AES Encryption Added for Production Programming.

SAP Image Encryption Procedure and Features

Therefore, in order to manage image encryption at a remote facility, there are two general procedures that will need to be followed: 

1) Initial ImageKey Creation and Provisioning of Cyclones (Infrequent)

This procedure is mainly for setup/preparation and will not occur often. If, for example, a product called "RunReady 2" needs to be programmed at the "XYZ Production" facility, the user would:

a. Create An "XYZ Production" ImageKey

ImageKey Creation via Cyclone Image Creation Utility

b. Provision one or more Cyclones with the "XYZ Production" ImageKey

Provision Cyclone with ImageKey via Control GUI

c. The provisioned Cyclones reside at, or can be sent to, the XYZ Production facility. 

This same ImageKey will then be used when encrypting "RunReady 2" programming images that are intended for that specific facility, and it is the presence of the ImageKey on the provisioned Cyclones that will allow them to decrypt those same images.

2) Using the ImageKey to Encrypt SAP Images During Creation (As Frequently As Needed)

The second procedure will happen as frequently as needed whenever the "RunReady 2" programming image is created or modified. This is often carried out using the Cyclone's Image Creation Utility but the procedure can also be automated. In the ProCryption Security area, the user would:

a. Select the "XYZ Production" ImageKey as the Image Encryption Setting

b.  Add Programming Restrictions

Another powerful feature of ProCryption Security is the ability to restrict programming by date range or number of programs/failures. When the time comes, for example, to create an updated eSAP image with a new date range, it is very easy to accomplish.

c. Generate An Encrypted Programming Image

The eSAP file is saved and ready to be distributed to Cyclones provisioned with the proper ImageKey.

A more detailed explanation of these procedures is available by reading Cyclone ProCryption Security: A Step by Step Example.

Note: Cyclone programmers leverage the industry leading wolfSSL cryptography stack to provide advanced cryptography protection and enablement for production programming setups.

Strong Protection, Simple Implementation

This example demonstrates how easy it is to set up and operate the Cyclone, and to add the security and control that the ProCryption Security license provides to the user's STMicroelectronics device production programming process. Once configured, it works seamlessly to keep valuable IP safe without a difficult management process.

Anyone interested in working with STMicroelectronics devices is welcome to contact PEmicro about support for specific devices, features offered by our tools, or any other question or concern.