SoC
  • Home
  • Arm
  • Arm Cortex M0/M0+
  • Arm Cortex M4
  • Arm Cortex M3
  • Contact
Reading: Cortex-M33 Bootloader
SUBSCRIBE
SoCSoC
Font ResizerAa
  • Home
  • Arm
  • Arm Cortex M0/M0+
  • Arm Cortex M4
Search
  • Home
  • Arm
  • Arm Cortex M0/M0+
  • Arm Cortex M4
Have an existing account? Sign In
Follow US
  • Looking for Something?
  • Privacy Policy
  • About Us
  • Sitemap
  • Contact Us
© S-O-C.ORG, All Rights Reserved.
Arm

Cortex-M33 Bootloader

Graham Kruk
Last updated: October 5, 2023 9:55 am
Graham Kruk 7 Min Read
Share
SHARE

A bootloader is a small program that runs when a device first powers on and initializes the device’s hardware and software components to get the system into an operable state before loading the main operating system or application. On ARM Cortex-M33 based microcontrollers, the bootloader has a crucial role in establishing security and enabling firmware updates.

Contents
Role of the BootloaderBootloader InitializationAuthentication and SecurityFirmware UpdatesBooting the ApplicationBootloader Programming ModelsBootloader ImplementationTesting the BootloaderConclusion

Role of the Bootloader

The main responsibilities of a Cortex-M33 bootloader include:

  • Initializing system clocks, memory, and hardware peripherals
  • Establishing secure environments and authentication
  • Validating firmware images before booting
  • Supporting firmware updates and recovery modes
  • Passing execution to the main application firmware

By handling essential low-level initalization and security functions, the bootloader creates the foundation for reliable and robust system operation.

Bootloader Initialization

When power is first applied to a Cortex-M33 system, the processor begins executing code based on the vector table location defined in the Initial Program Counter (IPC) register. This is typically configured to point to the start of the embedded flash memory where the bootloader code resides.

The bootloader must configure core system clocks, enable RAM, and initialize hardware peripherals like power management IC’s, oscillators, communication buses, and I/O ports. Board support packages (BSPs) usually provide substrate code to initialize device-specific hardware. The bootloader may also set up memory protection units and caches if supported by the MCU.

Authentication and Security

As a privileged first code running on the device, the bootloader is responsible for establishing secure environments and verifying firmware authenticity. The Cortex-M33 supports Armv8-M Security Extensions that can be leveraged by the bootloader for strong authentication.

Typically the bootloader will switch the processor from the default unprivileged Thread Mode to privileged Handler Mode to enable access to authentication peripherals and registers. It may also configure TrustZone memory partitioning and isolation mechanisms.

To verify firmware validity, the bootloader can validate cryptographic signatures attached to the firmware images using on-chip hardware accelerators. For example, the Internal TrustZone CryptoCell authenticates digital signatures using RSA or ECC alongside secure storage for keys.

Firmware Updates

A key capability provided by the bootloader is handling field firmware updates. The bootloader allows new firmware to be programmed onto the device storage while verifying integrity before swapping out the old firmware.

The bootloader may read firmware version numbers and validate whether the new firmware is suitable for the hardware configuration. Cryptographic checks are performed to ensure the firmware being loaded was generated by a trusted authority.

An important aspect is implementing robust firmware update recovery and fallback mechanisms in the bootloader. For example, maintaining dual storage banks to hold both new and old firmware, and having recovery logic to detect faults and revert back to the last known good firmware.

Booting the Application

After completing its initialization and security procedures, the bootloader will transfer execution to the main application firmware. This is done by setting the program counter to the reset vector in the application firmware image.

Any runtime data like clock calibration values, security keys, or firmware version numbers maintained by the bootloader may be passed to the application via special hand-off data structures.

To support field updates, the bootloader remains present in system memory so that it gains control on subsequent reboots to handle the firmware update process. The memory layout is designed accordingly to allow both bootloader and application access.

Bootloader Programming Models

Bootloaders for Cortex-M33 microcontrollers can leverage different programming models based on the specific MCU and use case:

  • ROM Based: The bootloader code resides in masked ROM or one-time programmable memory, reducing size requirements on flash memory.
  • Flash Based: The bootloader resides in field updateable flash allowing for flexibility in bug fixes and updates.
  • External Host: A host developer connects and loads the bootloader onto the target dynamically.

ROM based bootloaders have minimal footprint but lack field update capability. Flash based bootloaders enable remote updates while adding resource needs. The optimal approach depends on factors like security needs and the freedom to change the bootloader during development.

Bootloader Implementation

From an implementation standpoint, Cortex-M33 bootloaders typically leverage libraries and frameworks provided by silicon vendors, Real Time Operating Systems (RTOS), and toolchain vendors.

For example, software components like:

  • ARM CMSIS libraries for core MCU initialization
  • MBed OS bootloader libraries
  • RTOS board support and kernel libraries
  • Driver libraries for flash programming and cryptographic hardware

These components abstract hardware initialization complexity and enable quicker bootloader development. Vendor provided demos and examples for common MCU’s provide good starting points.

Bootloader performance can be optimized by efficiently ordering initalization sequences, minimizing waits and delays, optimizing cryptographic operations, and streamlining parameter passing to the application firmware.

Testing the Bootloader

Rigorous testing across a range of conditions is critical for bootloader robustness. Typical testing methods include:

  • Unit tests for individual modules and integration testing.
  • Simulation based testing using ARM Models and virtual prototypes.
  • Automated tests for security vulnerability scanning.
  • Hardware in loop testing with fault injection mechanisms.
  • Production system testing for reliability metrics.

Testing should cover normal flows as well as corner cases like security attacks, fault conditions, aborted updates, unexpected resets, and out of bounds data. Tracing, logging, and debugging features need to be implemented to support testing.

Conclusion

The Cortex-M33 bootloader plays a foundational role in platform security and robustness. Key design aspects include cryptographic authentication, firmware update capability, and trusted boot mechanisms tailored to the application security needs. Leveraging available software libraries while rigorously testing the bootloader enables efficient and accelerated development.

Newsletter Form (#3)

More ARM insights right in your inbox

 


Share This Article
Facebook Twitter Email Copy Link Print
Previous Article stm32 bootloader example
Next Article How to Write a Bootloader for x86
Leave a comment Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

2k Followers Like
3k Followers Follow
10.1k Followers Pin
- Sponsored-
Ad image

You Might Also Like

Cortex-M0/M3/M4 support for Thumb vs Thumb-2 instructions

The Cortex-M0, Cortex-M3, and Cortex-M4 ARM processors all support both…

6 Min Read

What is the difference between ARM Cortex-A and ARM Cortex-M?

The key differences between ARM Cortex-A and ARM Cortex-M processors…

6 Min Read

Accessing Constants and Immediate Values in ARM Instructions (Cortex M)

ARM Cortex M processors provide several ways to access constant…

7 Min Read

What is the use of arm cortex M?

The ARM Cortex-M is a group of 32-bit RISC ARM…

6 Min Read
SoCSoC
  • Looking for Something?
  • Privacy Policy
  • About Us
  • Sitemap
  • Contact Us
Welcome Back!

Sign in to your account