
STM32 Custom Bootloader

Security meets efficient firmware updates in a production-ready bootloader for mission-critical embedded systems.


Overview

Project Goal: Implement a secure multi-element bootloader that supports encrypted updates and delta patches.

This bootloader delivers AES-128-GCM authenticated encryption (with GMAC authentication tags) while reducing update sizes by up to 90% through delta patching. That means faster updates for smaller changes and uncompromised security.

The four-stage architecture creates a chain of trust where each component validates the next before executing it. If something goes wrong during an update, the failsafe recovery system automatically restores from backup - so no bricked devices.

Key Features

Production-Grade Security

AES-128-GCM authenticated encryption prevents tampering and unauthorized firmware execution.

  • GCM with authentication tags
  • Version-locked updates prevent downgrade attacks
  • Multi-layer validation at every boot stage

Delta Patching

Send only what changed, not the entire firmware. Reduces bandwidth by up to 90% for minor updates.

  • JANPATCH algorithm for efficient linear diffs
  • Perfect for OTA updates over cellular/satellite

Failsafe Recovery

  • Automatic backup before any update
  • CRC verification at every step
  • Rollback on failure

Four-Stage Architecture

  • Independent validation at each stage
  • Fallback to updater mode
  • Interactive menu for manual control

The Architecture

The bootloader operates through four independent stages, each with a specific role in the secure boot process:

Bootloader flow diagram

Boot (16KB)

The root of trust. Validates and launches the Loader, or falls back to Updater if Loader fails validation.

Loader (48KB)

Interactive menu system. User can boot the app, enter update mode, or view system information.

Updater (64KB)

Handles all update operations: decryption, patching, validation, and recovery.

Application (384KB)

The actual firmware. Validated by Loader before execution. Can be updated via full image or delta patch.
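The checks each stage runs on the next (magic, size bounds, CRC32 over the payload, and a version floor that blocks downgrades) can be written as a single validation routine. The following is an added example, not the project's own code: the header layout, the magic value and the function names are assumptions, and the CRC is the standard reflected CRC-32 (the STM32 hardware CRC unit computes an unreflected, word-oriented variant, so the host-side header generator must use whichever form the bootloader checks).

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define IMAGE_MAGIC 0x424F4F54u     /* hypothetical magic ("BOOT") */
#define SLOT_SIZE   (384u * 1024u)  /* application slot size from the page */

/* Hypothetical image header; layout is an assumption, not the project's. */
typedef struct {
    uint32_t magic;
    uint32_t version;   /* monotonic; enforced to block rollback */
    uint32_t size;      /* payload bytes following this header */
    uint32_t crc;       /* CRC-32 (IEEE, reflected) over the payload */
} image_header_t;

enum { IMG_OK = 0, IMG_BAD_MAGIC, IMG_BAD_SIZE, IMG_BAD_CRC, IMG_ROLLBACK };

/* Standard CRC-32: poly 0xEDB88320 (reflected), init/final 0xFFFFFFFF. */
uint32_t crc32_ieee(const uint8_t *data, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Validate header+payload at `img`. `min_version` is the lowest version
 * accepted: the installed version when checking a slot at boot, the
 * installed version + 1 when accepting an update (anti-rollback). */
int validate_image(const uint8_t *img, size_t img_len, uint32_t min_version)
{
    image_header_t h;
    if (img_len < sizeof h) return IMG_BAD_SIZE;
    memcpy(&h, img, sizeof h);               /* no unaligned flash access */
    if (h.magic != IMAGE_MAGIC) return IMG_BAD_MAGIC;
    if (h.size == 0 || h.size > SLOT_SIZE - sizeof h ||
        h.size > img_len - sizeof h) return IMG_BAD_SIZE;
    if (crc32_ieee(img + sizeof h, h.size) != h.crc) return IMG_BAD_CRC;
    if (h.version < min_version) return IMG_ROLLBACK;
    return IMG_OK;
}

/* Host-side helper (constructed for this example): emit header + payload. */
size_t build_image(uint8_t *out, uint32_t version, const uint8_t *p, uint32_t len)
{
    image_header_t h = { IMAGE_MAGIC, version, len, crc32_ieee(p, len) };
    memcpy(out, &h, sizeof h);
    memcpy(out + sizeof h, p, len);
    return sizeof h + len;
}
```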

Update Flow

When an update arrives, the system begins a carefully organized sequence of validation, backup, and application steps:

Update process flow

Tech Stack

Core Platform

  • STM32F407 Cortex-M4 microcontroller
  • ARM GCC compiler toolchain
  • CMake build system
  • STM32 HAL hardware abstraction layer

Security & Crypto

  • mbedTLS for AES-128-GCM encryption
  • CRC32 hardware-accelerated integrity checks
  • XMODEM-CRC for reliable data transmission

Update System

  • JANPATCH binary delta patching
  • Python automation scripts
  • jdiff patch generation tool

Development

  • Custom linker scripts for memory layout
  • Automated image header generation