Supporting more STM32s and sharing resources to demystify functional safety



Author: STMicroelectronics

X-CUBE-STL now supports the STM32MP1, the STM32U5, the STM32L5, the STM32H5, and the STM32WL. In essence, the most extensive family of general-purpose microcontrollers capable of running Safety Integrity Level 2 and 3 certified systems continues to grow, and teams needing to meet IEC 61508, ISO 13849, and IEC 61800 requirements can do so on our latest devices. Moreover, the Functional Safety page makes it easier to find the various ST resources that help developers striving for industrial or household electrical appliance certifications. It also lists the ST Authorized Partners providing real-time operating systems, development tools, engineering services, and training to ensure teams can cross the bridge from proof-of-concept to commercial products.

The International Electrotechnical Commission defines safety as the "freedom from unacceptable risk of physical injury or of damage to the health of people." When designing an embedded system, functional safety covers the aspects of safety that depend on that system working correctly. For instance, in a manufacturing plant, functional safety ensures that in case of an internal failure, the circuit controlling a robot fails gracefully instead of harming its operators. In a medical application, standards guarantee that users are made aware of malfunctions through an alarm, among other things, to prevent harmful usage. And since our STM32 microcontrollers are everywhere, we needed to make sure that all of them had a straightforward path to IEC 61508 for industrial applications.

Before X-CUBE-STL: How to start working on an IEC 61508 certification

A robot arm in an industrial setting

IEC 61508 governs functional safety for electrical and electronic systems across all kinds of industries and applications. However, many STM32 users seek this certification when working in an industrial setting, where risks are higher and requirements more stringent. The first essential aspect of the standard is the safety life cycle. Before anything else, engineers must document all the steps and measures they will take to achieve functional safety, from the first design activities to the product's decommissioning. The process includes risk analysis, safety protocols, validations, maintenance, and so on.

Our Functional Safety page is a good starting point for engineers because it provides a "safety manual" for nearly all STM32 microcontrollers, ensuring that teams can begin defining their product's safety life cycle. Most of the documentation focuses on IEC 61508 compliance. However, we recently published an application note (AN5698) to help engineers adapt what is in the X-CUBE-STL package to other safety certifications, such as ISO 13849 for safety of machinery. We also provide a failure mode and effect analysis (FMEA), which lists the MCU failure modes and how to mitigate them. Similarly, the failure mode effect and diagnostic analysis (FMEDA) extends the FMEA and computes failure rates for the MCU at the function level.

X-CUBE-STL: Self-test libraries to obtain SIL 2 or SIL 3 certifications more rapidly

Understanding Safety Integrity Levels

The second aspect of IEC 61508 is the assignment of a Safety Integrity Level (SIL). After a hazard analysis determines what can go wrong and how badly it can harm a person or the environment, a risk analysis determines how often or how likely a hazard can occur. From these analyses, functional safety standards derive the safety requirements, expressed as a SIL.

There are four levels, the first being the laxest and the fourth representing the strictest requirements. SIL 4 is traditionally reserved for railway or nuclear applications. SIL 1 is looser and tends to apply to monitoring or information devices such as CCTV, whereas SIL 2 and SIL 3 are far more common in hardware designed for industrial applications. The main difference between the two is the requirement to perform redundant measurements in SIL 3.

Knowing how to get started

To start working toward SIL 2 or SIL 3 certification, teams begin by selecting an STM32 with the hardware safety features that match their application's requirements. For instance, all our MCUs have a dual watchdog, but only the STM32G0, STM32G4, STM32H5, STM32H7, STM32L4/L4+, STM32L5, STM32U5, STM32WB/A, and STM32WL have ECC Flash memory, and of those, only the STM32H7, STM32H5, and STM32U5 have ECC SRAM, which is traditionally a requirement only for high-performance applications.

Teams can also use the self-test libraries available in X-CUBE-STL to start implementing failure detection mechanisms. For instance, they can help detect random hardware failures in the CPU, the SRAM, or the Flash. The diagnostic capability of X-CUBE-STL is verified by a fault injection methodology to improve customers' confidence in our solution. To make these libraries more accessible, we offer them as object code, meaning that they can be integrated into any application, and developers can use any compiler.
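To make the idea of a memory self-test and its fault-injection verification concrete, here is an added example that is not part of the original post and not ST's X-CUBE-STL code (which ships as object code, so its internals are not shown here). It implements the textbook March C- algorithm over a small constructed RAM buffer and wraps the memory accesses in a hypothetical stuck-at fault model, so the same test can be run on healthy memory and on memory with an injected fault to confirm the diagnostic actually catches it. The buffer size, the `mem_read`/`mem_write` accessors and the fault model are all assumptions made for the illustration.

```c
/* Added illustrative SRAM self-test: March C- with a software fault-injection hook.
 * Not ST's X-CUBE-STL implementation; array, accessors and fault model are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define TEST_WORDS 16u

/* Constructed SRAM region under test (stands in for a real memory range). */
static uint32_t sram[TEST_WORDS];

/* Hypothetical fault model: bits selected by stuck_mask in word fault_word always
 * read back as stuck_value, whatever was written. fault_word >= TEST_WORDS = healthy. */
static size_t   fault_word  = TEST_WORDS;
static uint32_t stuck_mask  = 0;
static uint32_t stuck_value = 0;

static void mem_write(size_t i, uint32_t v) { sram[i] = v; }

static uint32_t mem_read(size_t i)
{
    uint32_t v = sram[i];
    if (i == fault_word)
        v = (v & ~stuck_mask) | (stuck_value & stuck_mask);   /* apply stuck-at bits */
    return v;
}

/* One March element: visit every cell in the given direction, check that it still
 * holds `expect`, then write `next`. Returns false on the first mismatch. */
static bool march_element(bool ascending, uint32_t expect, uint32_t next)
{
    for (size_t k = 0; k < TEST_WORDS; k++) {
        size_t i = ascending ? k : TEST_WORDS - 1 - k;
        if (mem_read(i) != expect) return false;
        mem_write(i, next);
    }
    return true;
}

/* March C-:  up(w0); up(r0,w1); up(r1,w0); down(r0,w1); down(r1,w0); up(r0)
 * With all-0/all-1 backgrounds it detects stuck-at, transition and inter-word
 * coupling faults; production libraries add further data backgrounds (e.g. checkerboard)
 * for intra-word coupling. The test destroys memory contents, so a real library runs
 * it at startup or saves and restores the region. Returns true if memory is healthy. */
bool sram_march_c_minus(void)
{
    for (size_t i = 0; i < TEST_WORDS; i++) mem_write(i, 0x00000000u);
    if (!march_element(true,  0x00000000u, 0xFFFFFFFFu)) return false;
    if (!march_element(true,  0xFFFFFFFFu, 0x00000000u)) return false;
    if (!march_element(false, 0x00000000u, 0xFFFFFFFFu)) return false;
    if (!march_element(false, 0xFFFFFFFFu, 0x00000000u)) return false;
    if (!march_element(true,  0x00000000u, 0x00000000u)) return false;
    return true;
}

/* Run the self-test on healthy memory: must pass (no false alarms). */
bool self_test_healthy(void)
{
    fault_word = TEST_WORDS; stuck_mask = 0; stuck_value = 0;
    return sram_march_c_minus();
}

/* Fault injection: force one bit of one word stuck at `value` (0 or 1), run the test,
 * then remove the fault. Returns true if the diagnostic detected the injected fault. */
bool self_test_detects_stuck_bit(size_t word, unsigned bit, unsigned value)
{
    fault_word  = word;
    stuck_mask  = 1u << bit;
    stuck_value = value ? stuck_mask : 0u;
    bool passed = sram_march_c_minus();
    fault_word = TEST_WORDS; stuck_mask = 0; stuck_value = 0;
    return !passed;   /* a detected fault means the self-test reported failure */
}

int main(void)
{
    printf("healthy SRAM passes:        %s\n", self_test_healthy() ? "yes" : "no");
    printf("stuck-at-1 (word 5, bit 7): %s\n",
           self_test_detects_stuck_bit(5, 7, 1) ? "detected" : "MISSED");
    printf("stuck-at-0 (word 0, bit 31):%s\n",
           self_test_detects_stuck_bit(0, 31, 0) ? "detected" : "MISSED");
    return 0;
}
```

The point of the harness is the one the post makes about fault injection: a self-test is only evidence for a certification argument if it has been shown to fail when a modelled fault is present and to pass when none is, and both cases are exercised here on the same code path.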

X-CUBE-STL provides object code to help developers run self-tests on STM32 MCUs. Because we ship object code, developers can integrate it into their software, certify that one object, and reuse it many times, since it does not depend on the compiler version or other dependencies. This greatly simplifies the process when applying to certification bodies.

X-CUBE-CLASSB and why an ecosystem matters

Sharing resources

Recently, ST updated X-CUBE-CLASSB, which targets electrical household appliances, to align it with X-CUBE-STL. Put simply, while the two packages have different user manuals and different purposes, their self-test libraries share the same code base. Hence, it becomes much easier to obtain more than one certification on the same hardware platform. Moreover, since these household-appliance certifications are much less stringent than IEC 61508, the ability to use the same object code as X-CUBE-STL provides greater assurance. The software package currently supports the STM32U5, STM32G0, STM32C0, STM32L4, STM32G4, STM32WL, STM32MP1, STM32H5, STM32F7, and STM32H7. Support for the STM32H7R/S, STM32U0, and STM32F4 will arrive by the end of the year.

Optimizing functional safety

All these packages make our STM32 general-purpose microcontrollers strong candidates for the most demanding safety standards. Traditionally, MCUs aimed at these standards are custom products, which means that they are much more expensive and come with hardware specifications that are often more restrictive in one way or another. ST's approach is thus unique because we make these standards more accessible and offer a large network of partners. In many instances, using two STM32s is still cheaper than using one MCU sold specifically for safety.

As valuable as the documentation and self-test libraries are, we know that they represent only the first steps in a long process. Many teams underestimate the difficulties associated with obtaining a certification. Hence, we also have ST Authorized Partners who know our devices and can help engineers cross the finish line by shipping a certified product.
