The process of setting up Cyclone programmers to perform production programming at a local or remote facility is simple and straightforward. PEmicro's Cyclones support programming of STMicroelectronics' popular STM32 and Bluetooth Low-Energy (BlueNRG) devices, as well as the SPC5 automotive and STM8 8-bit families. In addition, Cyclone programmers leverage PEmicro's ProCryption Security to use industry-standard RSA/AES cryptography to safeguard programming images containing valuable IP. The IP owner also gains added control over factors like when and how many devices can be programmed, and how many errors are allowed. This article will provide an overview of Cyclone programming - what the various components are and how they interact - and then explore the security aspect of the production programming process, in order to show that IP security does not need to be unduly complicated or expensive to be effective. Topics - Jump To: _______________________________________________________________________________________ Before beginning, it is worth briefly noting that PEmicro offers integration and features that are geared towards STMicroelectronics devices to help make sure that projects are as obstacle-free as possible while they proceed toward the production programming phase. Cyclones are stand-alone programmers that are easy to setup and control. To start we will take a look at how they operate and some extremely useful features they offer. Cyclone Can Program Stand-Alone or be Controlled Via PC SAP images combine all data needed for programming. They are created using an included utility and stored as single files on a PC or or in the Cyclone’s encrypted memory. For example, one essential part of the initial setup process will be selecting the algorithm for the specific STMicroelectronics device being used, and then creating a programming sequence using the specific commands and settings that it offers. BIN - Binary Files ALG - Target Config CFG - Configuration File ADV - Advanced Options When programming, Cyclones can be controlled individually or in groups, using one of the Control Suite components: Control Console, Control SDK, and Control GUI. Multiple Cyclones Programming in Parallel Some additional useful features include Dynamic Data and Serialization, as well as Overlay of data. Users programming STMicroelectronics devices on a production line will want to learn more about the Cyclone's powerful serial number capabilities. Cyclone setups that will program STMicroelectronics targets may require different power schemes, depending on the design of the target board, target voltages, and even the device architecture. Cyclones are designed to: Cyclone Power Management Current and voltage can also be measured during operation: A much more detailed exploration is available by reading 5 Different Ways to Power a Target with a Cyclone Programmer. Time is money when it comes to production programming, so Cyclones are built to program and verify at extremely fast speeds: Once a company has finished development of an STMicroelectronics project, the next step is often to shift to the production programming phase by sending their newly developed IP to a remote facility where their product will be programmed and tested. One of the most important features that Cyclone programmers offer is ProCryption security. This allows SAP images, which contain that valuable intellectual property, to be encrypted such that they can only be unlocked by specific Cyclone units, and programmed under specific circumstances. How might this work in practical terms? In order to understand how to manage the procedures, it is important to first take a brief look at how PEmicro encrypts programming images using ProCryption Security. Programming Image Encryption Overview In the simplest terms: The user will create an ImageKey. This ImageKey will then serve two functions: A more detailed explanation of this process is available by reading Cyclone ProCryption Security: RSA/AES Encryption Added for Production Programming. Therefore, in order to manage image encryption at a remote facility, there are two general procedures that will need to be followed: This procedure is mainly for setup/preparation and will not occur often. If, for example, a product called "RunReady 2" needs to be programmed at the "XYZ Production" facility, the user would: a. Create An "XYZ Production" ImageKey ImageKey Creation via Cyclone Image Creation Utility b. Provision one or more Cyclones with the "XYZ Production" ImageKey Provision Cyclone with ImageKey via Control GUI c. The provisioned Cyclones reside at, or can be sent to, the XYZ Production facility. This same ImageKey will then be used when encrypting "RunReady 2" programming images that are intended for that specific facility, and it is the presence of the ImageKey on the provisioned Cyclones that will allow them to decrypt those same images. The second procedure will happen as frequently as needed whenever the "RunReady 2" programming image is created or modified. This is often carried out using the Cyclone's Image Creation Utility but the procedure can also be automated. In the ProCryption Security area, the user would: a. Select the "XYZ Production" ImageKey as the Image Encryption Setting b. Add Programming Restrictions Another powerful feature of ProCryption Security is the ability to restrict programming by date range or number of programs/failures. When the time comes, for example, to create an updated eSAP image with a new date range, it is very easy to accomplish. c. Generate An Encrypted Programming Image The eSAP file is saved and ready to be distributed to Cyclones provisioned with the proper ImageKey. A more detailed explanation of these procedures is available by reading Cyclone ProCryption Security: A Step by Step Example. Note: Cyclone programmers leverage the industry leading wolfSSL cryptography stack to provide advanced cryptography protection and enablement for production programming setups. This example demonstrates how easy it is to set up and operate the Cyclone, and to add the security and control that the ProCryption Security license provides to the user's STMicroelectronics device production programming process. Once configured, it works seamlessly to keep valuable IP safe without a difficult management process. Anyone interested in working with STMicroelectronics devices is welcome to contact PEmicro about support for specific devices, features offered by our tools, or any other question or concern.STMicroelectronics Tools Integration
Cyclone Programming Overview
Physical Setup
SAP Images
(Algorithm) Data
Algorithms
Settings
ScriptControl and Automation
Power Provisioning and Measurement
Performance Metrics
Cyclone FX Multilink FX Target Program (Standalone) Verify (Standalone) Program (PROGACMP) Verify (PROGACMP) STM32L552ZE 95 KB/s 575 KB/s 87 KB/s 206 KB/s STM32G491RE 106 KB/s 1435 KB/s 98 KB/s 184 KB/s STM32U5 262KB/s 699 KB/s 91 KB/s 161 KB/s STM32H7A3ZI 584 KB/s 630 KB/s 167 KB/s 176 KB/s ProCryption Security
The Encryption Process in a Nutshell
SAP Image Encryption Procedure and Features
1) Initial ImageKey Creation and Provisioning of Cyclones (Infrequent)
2) Using the ImageKey to Encrypt SAP Images During Creation (As Frequently As Needed)
Strong Protection, Simple Implementation
Tags related to this Blog Post
Cyclone
Cyclone FX
Multilink
Multilink FX
Prog ACMP
Interface Library Routines
ARM
STMicroelectronics
Production Programming
Debug
Automated Control