cancel
Showing results for 
Search instead for 
Did you mean: 

Readout protection effectiveness

fggnrc
Associate II
Posted on November 08, 2005 at 19:29

Readout protection effectiveness

6 REPLIES 6
fggnrc
Associate II
Posted on October 14, 2005 at 07:42

Hi all!

As you know, the ST7 family has an option bit that enables the readout protection.

When enabled, it should protect my code.

How effective is it?

An interesting appnote from maxim (http://pdfserv.maxim-ic.com/en/an/AN2033.pdf) shows how easy it is to access the die by removing the plastic enclosure.

For this reason the ROM versions are less secure than FLASH ones, since it is possible to ''see'' the 0 and 1 which corresponds to a masked-off transistor in the memory array.

To remove the readout protection, an attacker should change the memory cell that stores its value.

UV exposure while masking the protected data (i.e. my code) seems not to work because the readout protection bit is enabled when its value is 1.

Having no clue, I did a patent search, and discovered that STM holds the patent EP0929737 which describes a way to prevent unauthorized reads.

I still have doubts. How much I can trust this protection?

Regards

EtaPhi

fggnrc
Associate II
Posted on October 15, 2005 at 11:06

Ok folks, I did my homework...

The answer to my question is that the readout protection bit effectiveness is low.

This bit discourages only the casual hackers, not the ones that may hire my competitor!

An interesting read to everbody is the following paper:

http://www.cl.cam.ac.uk/~mgk25/tamper.pdf

Here is told about hot nitric acid etching, CPU surgery and micro needles to read my code.

Therefore do NOT TRUST the readout protection bit.

If you enable it to protect your code from piracy, you can have at most some months of advantage before somebody clones your design...

I hope you all benefit from my discover...

EtaPhi

franco
Associate II
Posted on October 17, 2005 at 11:39

Thanks EtaPhi!! I'm afraid.. :o :o

alain2399
Associate II
Posted on October 21, 2005 at 13:17

This like for your home door, nothing is absolutly safe. This is a balance on how it will cost to break in and what you will gain by breaking in.

I doubt that for standard application it will be worth the effort. Starting from scratch the code by having the specification will be much less costly. This is different of course when it comes to cryptography and credit cards.

Thanks for the article anyway, it was interesting.

fggnrc
Associate II
Posted on October 24, 2005 at 06:56

You hit the point, Alain!

Piracy is ruled by the balance between the reward for breaking a design and its re-engineering cost...

My post does not want to frighten anyone out of buying SMT microcontrollers, instead to start a reflection on business models which may be somewhat off-topic.

All we now that production is more and more frequently shifted into asian countries.

Engineering is following this trend because asian technicians are not less competent but are cheaper than us.

All we are told that creativity makes a difference, but the resulting design has no protection against reverse engineering.

Yes, I can use the Patent Law to protect my work, but I am not a lawyer, and I can not afford it.

My design (until now an hobbyst one) deals with a cheap home automation system.

The target price of an item will be about 50% above the price of the equivalent solution made by switches.

An Europen Community study says that there will be a big growing market for these kind of devices.

I hope to capture my share and I am building now the first prototype in my free time.

When a big market opens, there is a window of opportunity for small fishes like me.

However, this opportunity attracts the big fishes and the sharks too.

Here piracy protection plays a foundamental role.

Since it is easy to reverse-engineer a circuit, my business model relies in the firmware protection.

Even if one may build a cheaper copy, nobody should program it: here is my bread-and-butter!

I made any effort to optimize the firmware: the PC bridge, for instance, is built with a ST7FLITE39 (BTW, where one can have some samples, even the biggest distributors in Italy, such as Silvestar Cedis have no stock).

Its firmware is written in asm and I have so optimized it that only 10 bytes of code are unused.

I am lucky, since the specification of the communication protocol between devices is a part of my creativity, therefore the sharks can only break my design.

However, the reward is the lion share of a growing market!

Now I realize that STM readout protection gives me about a year of advantage with respect to the big fishes, and a couple of months from the sharks.

I hope it may let me survive...

Any opinion about the subject is welcome!

EtaPhi

info45
Associate II
Posted on November 08, 2005 at 19:29

Hello,

I agree.

For High level security system, this is'nt the best solution.

I thinks that is better have full correct behaviourr rather the code protection! Better if all....

An example is st72f324: from datasheet ''Read-out protection is not supported if the LVD is enabled''.

There are not foreseen correction for this silicon limitation...

If I choice this uc for Your capabilities , then I charge the limitation also ( for our bad luke!)

Silicon bugs are always present in any uc of any manufacturing...

Code protection permitt a little time advantage, not keep along in time!

By