Secure Bootloader for ARM Cortex-M MCU

CycloneBOOT is a secure bootloader targeting 32-bit microcontrollers. It is designed to provide a reliable and secure method for booting your device. It is tailored to work with a variety of ARM Cortex-M based microcontrollers, ensuring a seamless boot process every time.

CycloneBOOT is available either as open source (GPLv2 license) or under a royalty-free commercial license (non-GPL license). We also offer an evaluation license (90-day license in source form) with technical support for easier onboarding and effective evaluation of our software.


Main Features

CycloneBOOT is equipped with several security features to protect against external threats and unauthorized access. It includes a secure boot process that verifies the authenticity of the firmware image before processing it, the ability to work with encrypted firmware update images, and support for digital signatures to verify the identity of the image.

In addition to security, CycloneBOOT is designed for ease of use. It is protocol agnostic, meaning that a firmware update can be performed using various physical media (Ethernet LAN, Wi-Fi, Cellular Modem, USB, UART, SD card...). CycloneBOOT features a simple and intuitive interface, allowing you to easily integrate CycloneBOOT alongside your existing firmware. It also includes support for multiple boot configurations — Single Bank with a static bootloader, Dual Bank with “In-Application Programming” where no bootloader is required to update the firmware — allowing you to customize the boot process for different scenarios.

CycloneBOOT is designed with reliability in mind. It includes fallback and anti-rollback support to ensure that your device is always able to boot, even in the event of a failure. The fallback feature allows the user to revert to a previous firmware image if the latest firmware image contains bugs or serious issues. The anti-rollback feature prevents unauthorized downgrades of the main firmware image, ensuring that only authorized and secure versions of the firmware are used. This helps to protect against potential vulnerabilities that may exist in older firmware versions.

Detailed Feature List

  • Secure bootloader for 32-bit microcontroller
  • Can be integrated in client or server operation
  • Support for In-Application Programming (IAP)
  • Support for MCU with Dual-Bank or Single-Bank Flash
  • Support for external Flash (on request)
  • Can run alongside a RTOS or in Bare Metal
  • Integrity verification of the firmware image using CRC32, MD5, SHA-1, SHA-256 or SHA-512
  • Authentication of the firmware image using HMAC
  • Signature of the firmware image using RSA or ECDSA
  • Support for encrypted firmware image using AES-CBC
  • Fallback support (Backup current firmware and restore it if required)
  • Anti-rollback support (Prevent rolling-back to a known faulty firmware version)
  • PC utility running on Windows or Linux to build the firmware image (can encrypt the firmware and compute an integrity tag, an authentication tag or a signature)
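
The order of checks behind "verify before processing" and anti-rollback, as an added sketch that is not CycloneBOOT code: the image layout, field names and key below are hypothetical and do not reflect CycloneBOOT's image format. It authenticates with HMAC-SHA256 over header and payload first, then compares the authenticated version against a stored minimum.

```python
import hashlib
import hmac
import struct

# Hypothetical layout (an assumption, NOT CycloneBOOT's format):
#   magic(4) | version(4, big-endian) | payload_len(4) | payload | HMAC-SHA256 tag(32)
MAGIC = b"FWIM"
HDR = struct.Struct(">4sII")
TAG_LEN = 32

def build_image(key: bytes, version: int, payload: bytes) -> bytes:
    """PC-side step: prepend the header, append a tag over header + payload."""
    body = HDR.pack(MAGIC, version, len(payload)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def verify_image(key: bytes, image: bytes, min_version: int):
    """Bootloader-side decision. Returns (ok, reason, version)."""
    if len(image) < HDR.size + TAG_LEN:
        return False, "truncated", None
    body, tag = image[:-TAG_LEN], image[-TAG_LEN:]
    # Authenticate first: no header field is trusted until the tag checks out.
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return False, "bad-tag", None
    magic, version, length = HDR.unpack_from(body)
    if magic != MAGIC or length != len(body) - HDR.size:
        return False, "bad-header", None
    # Anti-rollback: the version is covered by the tag, so an old image
    # cannot be relabelled as new without the key.
    if version < min_version:
        return False, "rollback", version
    return True, "ok", version

# Constructed sample data for the demo.
KEY = b"constructed-demo-key-0123456789"
V3 = build_image(KEY, 3, b"app v3")
V2 = build_image(KEY, 2, b"app v2 (known faulty)")
# Old image with its version field edited to 9 and the original tag kept.
FORGED = V2[:4] + struct.pack(">I", 9) + V2[8:]

if __name__ == "__main__":
    for name, img in [("v3", V3), ("v2", V2), ("forged", FORGED)]:
        print(name, verify_image(KEY, img, min_version=3))
```

If the version field sat outside the authenticated region, the forged image would pass the rollback check; covering it with the tag is what makes the comparison meaningful.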

Supported Microcontrollers

  • STM32L4
  • STM32F4
  • STM32F7
  • STM32H7
  • ATSAME54
More to come!

Supported Compilers / Toolchains

  • GNU GCC / Makefile
  • Atollic TrueSTUDIO
  • IAR Embedded Workbench
  • Keil MDK-ARM
  • SEGGER Embedded Studio
  • AC6 System Workbench for STM32 (SW4STM32)
  • ST STM32CubeIDE

Easy to use with TCP/IP Protocols

With our experience in TCP/IP protocols, we can provide you with a ready-to-use Ethernet Bootloader by bundling CycloneBOOT with CycloneTCP (TCP/IP stack), CycloneSSL (TLS library) and CycloneSSH (SSH library). You could, for example, fetch the new firmware image over the Internet (LAN, Wi-Fi, Cellular Modem) using protocols like:

  • SFTP / SCP ...

Download CycloneBOOT

Both Open Source and Evaluation packages of CycloneBOOT can be obtained from this page.

Note: These packages also include CycloneTCP (TCP/IP stack), CycloneSSL (TLS library) and various third-party software (BSP drivers, HAL layers, RTOS, etc.) for demonstration purposes.

CycloneBOOT Release History

This section provides version history and main changes.

2.1.0 (Dec. 23, 2022): Open | Eval
  • Introduction of new error codes for specific firmware update related error scenarios. The list of error codes will be expanded gradually in upcoming releases.
  • AppImageBuilder CLI utility has been completely overhauled. The source code for the utility is also now available. Multiplatform support (Windows/Linux) and POSIX-compatible CLI parameters/flags have been added. A CMake-based toolchain is now used to build the project and to facilitate compilation on a number of different operating systems.
  • CycloneCRYPTO library has been updated to version 2.2.0
  • Reorganization of security-related (authentication, signature, and integrity verification) modules into a separate package to improve code reuse
  • All HTTP server demo projects will now display a message in the HTML UI if an error occurs during the firmware update process
  • Added new demonstration projects for Nucleo-H743ZI2 (HTTP Server Dual Bank Demo, HTTPS Client Dual Bank Demo)
  • Reworked ECDSA verification process
  • Corrected some edge cases related to Single Bank update image processing (with the static bootloader)
2.0.2 (Jul. 29, 2022): Open | Eval
  • Added new demo boards (Nucleo-STM32H7A3-ZIQ, Nucleo-STM32L496-ZG, SAME54-Xplained-Pro)
  • Added new demo projects on STM32 evaluation boards (IAP Demo through USB/RNDIS with HTTP Server protocol, IAP Demo through UART with Y-Modem protocol)
  • Improved parsing process for the image update
2.0.0 (Mar. 25, 2022): Open | Eval
  • Added support for Single Bank MCUs
  • Added support for external flash memory devices through an abstraction layer
  • Included a static bootloader to perform advanced firmware update scenarios
  • Added support for Fallback & Anti-rollback features during firmware update
  • Added demo projects for STM32 targets (Nucleo-F429ZI, Nucleo-F767ZI, STM32F769I-DISCO evaluation boards)
  • CycloneBOOT architecture has been revamped to incorporate Single Bank MCU support (with external memory)
  • Expanded Cryptographic algorithms support for firmware security
  • Added a Linux binary of ApplicationImageBuilder utility, used to create firmware update images
1.0.1 (Apr. 09, 2021): Open
  • Legacy CycloneBOOT demonstration package (IAP library) for STM32F4 and STM32F7 MCUs with Dual Bank internal MCU Flash