Aayush Gupta
Senior Firmware Engineer at Landis Gyr
Delhi, India
Actions
Aayush is a Senior Firmware Engineer at Landis Gyr with over 8 years of experience in the developing secure and low-level software for embedded systems. Specialized in Industrial IOT, Medical Devices, Smart Energy Metering, currently focusing on the Root of Trust and Secure boot architectures.
Links
Area of Expertise
Topics
Lock It Down: STiROT, Secure Boot, Device Provisioning & JTAG on STM32H5
Building a secure firmware stack for a field-deployed embedded device in critical infrastructure is harder than any whiteboard diagram suggests and the consequences of getting it wrong are real.
In this talk, I'll walk through a complete, production-grade security implementation aligned with SESIP on the STM32H5 from the ground up: starting with Option Bytes (RDP, TZEN) before a single line of firmware runs, generating authentication and encryption private/public key pairs, building a cryptographic identity using root CA to leaf certificate chains, signing bootloaders with STM32TrustedPackageCreator, and injecting device identity via Segger DevPro.
Then we go deeper: anchoring the chain of trust with STiROT, enforcing secure boot, hardening firmware upgrades, and finally locking down the JTAG debug interface against physical attackers using certificate-based authentication.
You'll leave with a concrete, end-to-end blueprint you can apply to your own Cortex-M devices just not theory, but the exact sequence a production deployment demand.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top