Skip to main content
  • Products
  • Evaluate our Software
  • Downloads
  • Free Utilities
  • Purchase
  • Support
  • About Us
  • Blog
  • Forum
  • Search
    • Contact Us
    • Forum
    • Knowledge Base
    • Web Shop
    • Newsletter
    • RSS
  •   Jobs
  •   Videos
  •   Blog
  •   Sustainability
  • Program embedded systems
  • STM32-SFI Flasher Commander
  • Technology
  • Accessories
  • Tools
  • Models

STM32-SFI Flasher Commander

The STM32-SFI Flasher Commander is a command line interface (CLI) tool for programming targets using ST's Secure Firmware Install (SFI) feature and SEGGER’s professional production programmers Flasher PRO, Flasher PRO XL, and Flasher Compact.

Contact us
Downloads
Documentation
Production Tools Icon
  1. 1.Overview
  2. 2.Key features
  3. 3.How the STM32-SFI Flasher Commander works
  4. 4.Requirements
  5. 5.Other SEGGER solutions for secure programming

Overview

The STM32-SFI Flasher Commander is a command line interface (CLI) tool developed to support the Secure Firmware Installation (SFI) feature from STMicroelectronics. No additional license is required to use this tool with Flasher Compact, Flasher PRO or Flasher PRO XL.


Key features

The STM32-SFI Flasher Commander is a robust tool designed to secure the programming of STM32 microcontrollers during production. Its key features focus on enabling the Secure Firmware Installation (SFI) process, ensuring safe and reliable firmware transfer, and offering compatibility with SEGGER's advanced Flasher production tools.

Supports Secure Firmware Installation (SFI) from STMicroelectronics

The STM32-SFI Flasher Commander is designed to facilitate the Secure Firmware Installation (SFI) process, ensuring encrypted firmware is securely programmed onto SFI-enabled STM32 microcontrollers during production.

Ensures secure transfer of firmware to the target

The STM32-SFI Commander enables the secure transfer of encrypted firmware and its corresponding decryption key to target microcontrollers, using a Hardware Security Module (HSM) for secure key storage.

Runs with Flasher PRO XL, PRO and Compact

The tool is fully compatible with SEGGER's Flasher PRO XL, Flasher PRO, and Flasher Compact in-circuit programmers, offering flexibility across various programming setups.


How the STM32-SFI Flasher Commander works

On the left, an STM32HSM card with a reader on top, in the center, a Flasher Pro XL, and on the right, an STM32 Nucleo board being flashed with STM32-SFI Flasher Commander
An STM32HSM card with a reader on top, a Flasher Pro XL, and an STM32 Nucleo board being flashed thanks to STM32-SFI Flasher Commander

As part of the production process for SFI-enabled STM32 microcontrollers, the intellectual property (IP) owner sends encrypted firmware along with the corresponding decryption key to the facility responsible for programming the microcontrollers during production. The firmware decryption key is securely stored on a Hardware Security Module (HSM).  Programming can take place at any production site, even external, such as a contract manufacturer or a distributor that offers mass programming of stocked devices for delivery.

At the programming facility, the STM32-SFI Flasher Commander interfaces with SEGGER's Flasher PRO, PRO XL, or Compact in-circuit programmers and transfers the encrypted firmware image and the matching firmware decryption key (also in encrypted form) to the target MCUs to be programmed.

Read ST's blog post about the STM32-SFI Flasher Commander


Requirements

The following hardware items are required to program:

  • Smart card reader connected via USB to the host PC
  • STM32HSM Smart card STM32HSM-V2
  • Flasher PRO, Flasher PRO XL, or Flasher Compact

The generation of the secure .sfi binary file is part of the OEM firmware development phase and is handled by the Trusted Package Creator tool from ST as a post-processing of the application code.

The volume production leveraging the STM32 SFI programming is fully handled by the SEGGER STM32-SFI Flasher Commander tool and the SEGGER Flasher programmer.

More information about the STM32-SFI Flasher Commander is available in the SEGGER Knowledge Base.

 Learn more


Other SEGGER solutions for secure programming

If the target device does not support ST’s SFI, SEGGER has got you covered with the sophisticated production programming system Flasher Secure.

Combined with the SEGGER's Target Encrypted Link Package (TELP), it enables hardware without security features to be programmed securely. Using TELP, any microcontroller can be programmed with an encrypted firmware or bootloader image.

 More about TELP

Get in touch with us

Have questions or need assistance? Our Embedded Experts are here to help!

Reach out to us for:

  • Licensing quotes
  • Technical inquiries
  • Project support

 

Contact us

Headquarters

SEGGER Microcontroller GmbH

Ecolab-Allee 5
40789 Monheim am Rhein, Germany
info@segger.com
Tel.: +49-2173-99312-0
Fax: +49-2173-99312-28

Locations

USA: SEGGER Microcontroller Systems LLC

Boston area
101 Suffolk Lane
Gardner, MA 01440, USA
us-east@segger.com
Tel.: +1-978-874-0299
Fax: +1-978-874-0599

Silicon Valley
Milpitas, CA 95035, USA
us-west@segger.com
Tel.: +1-408-767-4068

China: SEGGER Microcontroller China Co., Ltd.

Room 218, Block A, Dahongqiaoguoji
No. 133 Xiulian Road
Minhang District, Shanghai 201199, China
china@segger.com
Tel.: +86-133-619-907-60

ISO 9001 certified

ISO 9001

30+ years of experience

First-class embedded software tools since 1992
  • Imprint
  • Disclaimer
  • Privacy Policy
© 2025 SEGGER - All rights reserved.