Open-Source Secure Bootloader Demos
CycloneBOOT on STM32
Discover how our CycloneBOOT solution performs across different evaluation boards. Below, you’ll find an overview of the firmware update scenarios and available demos, including the protocols used for seamless firmware delivery.
Supported Firmware Update Scenarios
In-Application Programming (IAP)
With In-Application Programming (IAP) scenario, firmware updates are handled entirely by the CycloneBOOT Update Library, without the presence of a dedicated bootloader. This mode is supported only on dual-bank flash microcontrollers, where the internal flash memory is divided into two independent banks. When a new firmware image is received, the update library processes the incoming update image, performs verification and compatibility checks and installs the validated firmware into the inactive bank while execution continues from the active bank. Before rebooting, the update library configures the MCU to select the newly programmed bank as the primary boot bank. On reset, execution seamlessly switches to the updated user application. This approach minimizes system complexity, while providing update capability on platforms that support bank swapping.
Note: The update library also enforces anti-rollback protection.
Hybrid Application / Bootloader
This Hybrid mode combines the CycloneBOOT Update Library with the CycloneBOOT Bootloader to form a cooperative update mechanism. In this configuration, the user application is responsible for downloading and validating the new firmware image using the update library, and storing it in a designated download slot. Once the update is ready, control is transferred to the bootloader during the next reboot. The bootloader then performs final integrity checks, installs the validated firmware into its execution slot, and launches the updated user application. This mode cleanly separates the acquisition of updates from their installation. It also provides support for configurations using external flash memory.
Note: This mode enables boot-time application firmware verification at every startup and advanced functionality, such as fallback support.
Standalone Bootloader
The CycloneBOOT Standalone Bootloader is an independent, self-contained bootloader that manages the entire firmware update lifecycle without relying on the user application. Unlike Hybrid mode, all communication protocols, image validation, version control, and update logic are implemented directly within the bootloader itself. When a new firmware image is received, the standalone bootloader processes the update image, performs verification and compatibility checks, and installs the validated firmware into flash memory. After the installation is complete, the bootloader resumes its normal startup sequence and launches the updated user application.
Note: This solution also applies to MCUs supporting program execution from an external memory (EXecute-in-Place - XiP)
Available Demos by Evaluation Board and Scenario
The table below summarizes our available demos, organized by evaluation board and scenario (IAP and/or Hybrid and/or Standalone). It also highlights the protocol used for fetching new firmware updates.
| Vendor | Evaluation Board | In-Application Programming Demo Project | Hybrid App / bootloader Demo Project | Standalone Bootloader Demo Project |
|---|---|---|---|---|
| STMicroelectronics | NUCLEO-F429ZI | HTTP Server | - | - |
| STMicroelectronics | STM32429I-EVAL | HTTP Server | HTTP Server | - |
| STMicroelectronics | NUCLEO-F767ZI | HTTP Server | - | - |
| STMicroelectronics | STMF769I-DISCO | HTTP Server | HTTP Server | - |
| STMicroelectronics | STMF769I-EVAL | HTTP Server | HTTP Server, MQTT Client | - |
| STMicroelectronics | NUCLEO-H563ZI NEW | HTTP Server, SFTP Server | HTTP Server | - |
| STMicroelectronics | STM32H573I-DISCO NEW | - | UART/Y-Modem USB-CDC HTTPS Client | - |
| STMicroelectronics | NUCLEO-H743ZI2 | HTTP Server | HTTP Server | - |
| STMicroelectronics | STM32H753I-EVAL2 | HTTP Server | HTTP Server | - |
| STMicroelectronics | STM32H750B-DISCO | - | - | UART/Y-Modem |
| STMicroelectronics | NUCLEO-H7A3ZI-Q | UART/Y-Modem | - | - |
| STMicroelectronics | NUCLEO-L476RG | - | UART/Y-Modem | - |
| STMicroelectronics | NUCLEO-L496ZG | UART/Y-Modem | - | - |
| STMicroelectronics | NUCLEO-U575-ZI-Q | UART/Y-Modem | - | - |
| Microchip | SAME54-XPlained-PRO | HTTP Server | HTTP Server | - |
Toolchains Used for Demonstration Projects
Our demonstration projects typically utilize the following toolchains: STM32CubeIDE, Microchip Studio, Makefile, CMake, or KEIL MDK-ARM. Moving forward, we plan to standardize the use of CMake across all projects.
Need a Custom Demo?
If you’d like to see a demo using your preferred toolchain, or if you need support for a different evaluation board, MCU part number, protocol or scenario, just let us know. We can tailor the demo to your needs!