Author Topic: MCU firmware protection  (Read 1092 times)

stern0m1

  • Full Member
  • ***
  • Posts: 113
  • Country: us
MCU firmware protection
« on: September 10, 2020, 11:02:17 PM »
Is there such a thing as an MCU that's impossible for someone to steal the firmware?

I know nothing about this topic, any links would be appreciated.
It all started with a Moteino!

mattm00700

  • NewMember
  • *
  • Posts: 11
  • Country: us
Re: MCU firmware protection
« Reply #1 on: September 11, 2020, 04:58:15 AM »
No expert, but here's the datasheet for the MEGA's processor:
https://ww1.microchip.com/downloads/en/DeviceDoc/doc8059.pdf

If you do a find for "lock bit" in there it will tell you about helping in that direction. The money is on p291.

Impossible?   ::)  Doubtful at best, only if they don't have the right folks working on it or don't motivate them.  What are you planning on keeping in there, anyway?  For anything I do, I figure lock bits is plenty good enough, if they want it that bad they will likely get it anyway, but I don't build sensitive stuff.  If you are storing the self destruct codes for the universe in there, we're doomed if somebody wants it bad enough and has it in their hands for a while.

It is impressive how far some people can go to reverse engineer hardware.  X-ray microscope to locate silicon and metal bond wires in the chip package, decap with hydrofluoric acid, microprobe the die while intentionally glitching the power in just the right way to cause the processor to do things it should never do and on and on.  If you are storing the destruct code, somebody has your number with a super high security chip that has all kinds of extra layers to conceal whats going on and try to stop it from being probed, and I'm sure someone else is busily trying to defeat it.  If you designed it, good chance you know what to try first anyway.

I'm also curious if there is a "reasonably impossible" or at least the best known, but I doubt I'll be picking one up anytime soon.


Neko

  • NewMember
  • *
  • Posts: 37
  • Country: us
Re: MCU firmware protection
« Reply #2 on: September 11, 2020, 04:45:13 PM »
There are three lock bits on the 328p that prevent access to the memory. I am sure there is something similar on the 1284p. I'm told that someone who is really motivated can go in with a laser and a microscope and break the lock by blowing a trace on the chip, or that you can hire someone to do that for you. And if they do, it is binary and needs to be decompiled and laboriously studied to figure out how it works. You can set the lock bits with Atmel Studio and a programmer like the ATMEL-ICE.

So the lock bits at least raise the barrier significantly to someone trying to get your code.