ST’s Secure Manager simplifies development of secure embedded applications


STMicroelectronics has unveiled the STM32Trust TEE Secure Manager.

It is the first microcontroller system-on-chip security solution that simplifies embedded application development to assure out-of-the-box protection.

First used in the new STM32H5, the STM32Trust TEE Secure Manager has been developed to save developers from having to write and validate their own code while providing security services developed according to best practices.

“The growing emphasis on application security and customers’ need to deliver certified secure, high-performance applications quickly, encouraged us to work closely with ST Authorized Partner ProvenRun to build the STM32Trust TEE Secure Manager,” explained Ricardo De Sa Earp, Executive Vice President General-Purpose Microcontroller Sub-Group, Microcontrollers and Digital ICs Group. “The Secure Manager keeps users, assets, and data secure by enhancing and simplifying the addition of valuable security services to customer developments while easing their certifications.”

As a lead development partner with Arm, ST supported the development of the Cortex-M33 core to comply with the PSA Level 3 security specifications. In addition, ST has collaborated with Microsoft Azure on middleware with strong security and worked with ProvenRun in the development of the STM32Trust TEE Secure Manager, powered by the company’s ProvenCore-M secure Trusted Execution Environment Operating System.

In addition, ST has pre-qualified the Kudelski IoT keySTREAM root of trust, from ST Authorised Partner Kudelski IoT, on the Secure Manager to allow remote credential lifecycle management services. The result is a plug-in security solution providing security services that include isolation, cryptography, key storage, and initial attestation.

“Digital identities, provisioning and credentials management are at the heart of security for IoT devices. The pre-integration and validation of our IoT keySTREAM within ST’s Secure Manager increases device security while relieving the manufacturer’s pain of managing credentials in complex and insecure production environments by enabling in-field, zero-touch provisioning,” said Hardy Schmidbauer, SVP of Kudelski IoT.

Following its inclusion in the STM32H5, ST plans to make the STM32Trust TEE Secure Manager available on a broad range of STM32 MCU series.