FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to prevent installation of a firmware on non original boards

JulienD
Senior

‎2015-07-28 02:28 PM

Posted on July 28, 2015 at 23:28

Hi,

I'm building an application on a custom board. I plan to give free firmware upgrades to

customers but I wonder how to prevent the installation of this firmware on non original

boards (copy) ?

I would be pleased to have a software answer but I not convinced that it is possible.

Hardware answers are also welcome.

Thanks

Julien
0 Kudos
3 REPLIES 3
megahercas6
Senior

‎2015-07-28 11:34 PM

Posted on July 29, 2015 at 08:34

I think every Arm mcu does have unique 96b id

There should be a 96-bit ID at the back end of the ''ROM'' 0x1FFFF000 (ie 32-bit values at +0x7E8,0x7EC,0x7F0)

If you can track every board you make, and include that to array, your software could check if that processor id is original based on your tracked processors. But this can be very easy to hack.

Other way, just make encryption of your id codes, ( as example id is 96b long, so you can make 12 lookup by 256 values, that are filled with random values, and encrypt your id's with 12 random lookup tables, in that case disassembly will be very hard to understand, it should look like random code

Or make something interesting, like if you have lcd, or other chip with id code, you can read it and determine if it's your hardware.

0 Kudos
stm32forum
Associate II

‎2015-07-29 03:48 AM

Posted on July 29, 2015 at 12:48

You can make your own Stm32 bootloader that can process an encrypted file to update the firmware.

In my previous job we used Dallas 1-wire serial number for protection, however i think that's not secure anymore.

0 Kudos
Danish1
Lead II

‎2015-07-29 04:53 AM

Posted on July 29, 2015 at 13:53

You could put a ''magic number'' into the one-time-programmable part of the FLASH.

This magic number would have to match (possibly via a cryptographic function that you do not disclose) the unique ID of the stm32 part.

Somewhere buried in your code you check the magic number against the ID; if they agree then you continue to execute the code; if not, you know the device is counterfeit.

Hope this helps,

Danish

0 Kudos
Top