STSAFE Provisioning
These projects are used to personalize STSAFE-A110 Secure Element for Secure Boot & Secure firmware Update application.
Project needs to be compiled to generate the binary file to be loaded inside STM32 that allow the personalization of the STSAFE-A110 chip. It will perform the following tasks:
- Provision the pairing keys in both STSAFE-A110 and STM32L4
- Provision the Certificates (Root CA and OEM CA) used by SBSFU
SBSFU has his own set of certificates fully independent from the one required to connect to AWS platform (e.g. Device Certificate)
STSAFE-A110 Personalization
STSAFE-A110 Secure Element Production Flow - SPL02 Profile
Provisioning Of Secrets
Hidden costs/risks/complexity in manufacturing
TLS assets handled by a tamper-resistant Secure Element
The Elliptic Curve cryptography is off-loaded to the STSAFE-A from the MCU reducing the amount of SRAM needed by the MCU
The IoT Devices Private Key is stored securely in STSAFE-A tamper-resistant memory
TLS Communication
