Session

Securing the Edge: STiROT, Secure Boot, Device Provisioning & JTAG Lockdown on STM32H5

Building a secure firmware stack for a field-deployed embedded device in a critical infrastructure setting is harder than any whiteboard diagram suggests. In this talk, I'll walk through a complete, production-grade embedded security implementation on the STM32H5 microcontroller from the ground up.
We start with the STM32H5 Option Bytes, configuring RDP, TZEN, etc., before a single line of firmware runs.
Next, we build the cryptographic foundation: generating authentication and encryption private/public key pairs, establishing a root-CA-to-leaf certificate hierarchy, signing a bootloader using STM32TrustedPackageCreator and STM32CubeProgrammer, and injecting identity using Segger DevPro.
From there: STiROT to anchor the chain of trust, secure boot, tamper-resistant firmware upgrade, and certificate-based JTAG lockdown, shutting the debug interface against physical attackers.
You'll leave with a concrete, end-to-end picture of what a properly locked-down Cortex-M device looks like in practice.

Aayush Gupta

Senior Firmware Engineer at Landis Gyr

Delhi, India
