CycloneBOOT
Secure Bootloader for ARM Cortex-M MCU

CycloneBOOT is a secure firmware update solution targeting 32-bit microcontrollers. It provides a reliable and secure method for booting and updating the firmware of your device. Tailored to work with a variety of ARM Cortex-M based microcontrollers, CycloneBOOT ensures a seamless boot process every time.

CycloneBOOT is available either as open source (GPLv2 license) or under a royalty-free commercial license (non-GPL license). We also propose an evaluation license (90-day license in source form) with technical support for an easier onboarding and effective evaluation of our software.

CycloneBOOT Secure TCP/IP Bootloader for Microcontroller (MCU)

Main Features

CycloneBOOT includes several security measures to protect against external threats and unauthorized access. It features a secure boot process that verifies the integrity of the firmware update before processing it. It is also capable of working with encrypted firmware and supports authentication or digital signature to verify the incoming firmware updates.

CycloneBOOT is protocol agnostic, allowing firmware updates to be performed using various communication channels such as Ethernet, USB, UART, Wi-Fi, Cellular Modem, etc. It features a simple and intuitive interface, making it easy to integrate alongside your existing firmware and your favorite protocol.

CycloneBOOT offers versatile support for various memory partitioning configurations. Featuring In-Application Programming (IAP), it accommodates Single Bank MCUs used with or without external flash, as well as Dual Bank MCUs. This flexibility enables to tailor the boot process to suit different scenarios.

CycloneBOOT includes fallback and anti-rollback support to ensure that your device is always able to boot, even in the event of a failure. The fallback feature allows user to revert to a previous firmware if the latest firmware contains bugs or serious issues. The anti-rollback feature prevents unauthorized downgrades of the current firmware, ensuring that only latest versions of the firmware are used. This helps to protect against potential vulnerabilities that may exist in older firmware versions.

Detailed Feature List

  • Secure firmware update solution for 32-bit MCUs (ARM Cortex-M)
  • Include an Update Library and a static Bootloader
  • Can be integrated in client or server operation
  • Support for In-Application Programming (IAP)
  • Support for MCU with Dual Bank or Single Bank Flash
  • Support for external Flash (on request)
  • Can run alongside a RTOS or in Bare Metal
  • Support for encrypted firmware image using AES-CBC
  • Integrity verification of firmware (CRC32, MD5, SHA-1, SHA-224, SHA-256, SHA-384 or SHA-512)
  • Authentication of firmware using HMAC
  • Signature of firmware using RSA or ECDSA
  • Fallback support (restore previous firmware version if needed)
  • Anti-rollback support (prevent installing a previous firmware version)
  • CLI tool running on Windows or Linux to build a secure firmware image (can encrypt the firmware and compute an integrity tag, an authentication tag or a signature)
Secure Firmware Update
Secure Firmware Update

Easy to use with TCP/IP Protocols

With our experience on TCP/IP protocols we can provide you with a ready-to-use Ethernet Bootloader by bundling CycloneBOOT with CycloneTCP (TCP/IP stack), CycloneSSL (TLS library) and CycloneSSH (SSH library). You could for example fetch the new firmware image over Internet (LAN, Wi-Fi, Cellular Modem) using protocols like:

  • TFTP / FTP / FTPS
  • HTTP / HTTPS
  • MQTT / MQTTS
  • SFTP / SCP ...

Supported Microcontrollers

  • STM32L4
  • STM32F4
  • STM32F7
  • STM32H7
  • STM32U5
  • STM32H5NEW
  • ATSAME54

Supported Toolchains / Compilers

Toolchain / IDECompiler
MakefileGCC
IAR Embedded WorkbenchEWARM
Keil MDK-ARMARM Compiler v5, ARM Compiler v6 (CLANG)
Microchip StudioGCC
ST STM32CubeIDEGCC

Download CycloneBOOT

Both Open Source and Evaluation packages of CycloneBOOT can be obtained from this page.

Note: These packages also include CycloneTCP (TCP/IP stack), CycloneSSH (SSH library with SFTP protocol) and various third-party software (BSP drivers, HAL layers, RTOS, etc.) for demonstration purpose.

Download CycloneBOOT
Open Source Version
(GPLv2 license)
v2.5.0 | ZIP ~31 MB Download CycloneBOOT
Evaluation Version
(90-day license)
v2.5.0 | ZIP ~31 MB Download CycloneBOOT
Commercial Version
(non-GPL license)
Customer Portal
More details on licensing options

CycloneBOOT Release History

This section provides version history and main changes.

VersionDateLinksChanges
2.5.0Feb. 10, 2025Open | Eval
Version Change Notice
  • In this release, we are aligning the version numbering of CycloneBOOT with the versioning scheme used for all our other software products, ensuring a consistent versioning structure across all our software.
  • The version change is driven by our shared dependency on the 2.5.0 version of the cryptographic library (CycloneCRYPTO), now consistent across all of our security products.
  • As part of this alignment, the version of this new CycloneBOOT release is 2.5.0, succeeding the previous legacy version L.3.0.6. All future releases will follow the new versioning system (2.5.x).
What this means for you:
  • The version number change does not affect the functionality or features of the product. The underlying product remains the same, with updates and improvements applied as usual.
  • Any major changes will be highlighted as usual
Improvements
  • CycloneCRYPTO library has been updated to version 2.5.0
L.3.0.6
Legacy version
Dec. 13, 2024Open | Eval
New
  • Add support for STM32H5 family
  • New evaluation board supported (Nucleo-H563ZI)
  • Add SFTP Server demonstration project for Nucleo-STM32H563ZI board
Improvements
  • CycloneCRYPTO library has been updated to version 2.4.4
L.3.0.4
Legacy version
May 31, 2024Open | Eval
New
  • New evaluation boards supported (Nucleo-H743ZI2 from STMicroelectronics and SAM E54 XPlained Pro from Microchip)
  • Update Library:
    • Added safe-guards against mismatching AES keys on the update server and on the embedded device
  • ImageBuilder utility:
    • Added HASH-based encryption key verification logic to update image
    • Added support for encryption and authentication keys in both ASCII and HEX formats
Improvements
  • Improved memory slot management with an abstraction layer to safeguard against any overflows and run-time errors related to bad memory slot configuration
  • Added support for dual-bank fallback mode on STM32U5 family
  • CycloneCRYPTO library has been updated to version 2.4.2
L.3.0.2
Legacy version
Feb. 5, 2024Open | Eval
New
  • Added support for In-Application Programming (IAP) using Single Bank MCU without necessitating an external memory (demo project available for STM32F769I-EVAL evaluation board)
  • New evaluation boards supported (Nucleo-L496ZG, Nucleo-F429ZI, Nucleo-F767ZI, Nucleo-H7A3ZI-Q, STM32F769I-DISCOVERY)
Improvements
  • Clearly distinguished IAP Single Bank demos: those requiring external flash (iap-single-bank-ext-mem/) and those using only MCU internal flash (iap-single-bank/)
L.3.0.0
Legacy version
Dec. 18, 2023Open | Eval
New
  • Various demonstration projects for Nucleo-U575ZI-Q, Nucleo-H743ZI2, STM32429I-EVAL, STM32F769I-EVAL and STM32H753I-EVAL2 evaluation boards
  • Revamped READMEs for our demonstration projects, making them much more user-friendly and easy to understand
Improvements
  • Internal re-structuring of modules for better code reuse
  • Reorganization of memory related functions for more flexibility and portability across different use cases
  • Improvements to ImageBuilder PC utility (formerly AppImageBuilder) to better manage boot offset required by different MCU families
  • CycloneCRYPTO library has been updated to version 2.3.4
L.2.1.0
Legacy version
Dec. 23, 2022Open | Eval
New
  • Introduction of new error codes for specific firmware update related error scenarios. The list of error codes will be expanded gradually in upcoming releases.
  • AppImageBuilder CLI utility has been completely overhauled. The source code for the utility is also now available. Multiplatform support (Windows/Linux) alongside POSIX compatible CLI parameters/flags have been added. CMake based toolchain is now used to build the project and to facilitate compilation on a number of different OS’s.
Improvements
  • CycloneCRYPTO library has been updated to version 2.2.0
  • Reorganization of security related (authentication, signature, and integrity verification) modules into a separate package to better code reuse
  • All HTTP server demo projects will now display a message in the HTML UI, if an error occurs during firmware update process
  • Added new demonstration projects for Nucleo-H743ZI2 (HTTP Server Dual Bank Demo, HTTPS Client Dual Bank Demo)
Bugfixes
  • Reworked ECDSA verification process
  • Correct some edge-cases related to Single Bank update image processing (with the static bootloader)
L.2.0.2
Legacy version
Jul. 29, 2022Open | Eval
New
  • Added new demo boards (Nucleo-STM32H7A3-ZIQ, Nucleo-STM32L496-ZG, SAME54-Xplained-Pro)
  • Added new demo projects on STM32 evaluation boards (IAP Demo through USB/RNDIS with HTTP Server protocol, IAP Demo through UART with Y-Modem protocol)
Improvements
  • Improved parsing process for the image update
L.2.0.0
Legacy version
Mar. 25, 2022Open | Eval
New
  • Added support for Single Bank MCUs
  • Added support for external flash memory devices through an abstraction layer
  • Included a static bootloader to perform advanced firmware update scenarios
  • Added support for Fallback & Anti-rollback features during firmware update
  • Added demo projects for STM32 targets (Nucleo-F429ZI, Nucleo-F767ZI, STM32F769I-DISCO evaluation boards)
Improvements
  • CycloneBOOT architecture has been revamped to incorporate Single Bank MCU support (with external memory)
  • Expanded Cryptographic algorithms support for firmware security
  • Added a Linux binary of ApplicationImageBuilder utility, used to create firmware update images
L.1.0.1
Legacy version
Apr. 09, 2021Open
  • Legacy CycloneBOOT demonstration package (IAP library) for STM32F4 and STM32F7 MCUs with Dual Bank internal MCU Flash