cancel
Showing results for 
Search instead for 
Did you mean: 

Detecting JTAG Access on the Board

Istillaga
Senior

Hi,

 

I am using the B-U585I-IOT20A Board and I want the board to notify me in some way if someone is attempting to access and modify its content via JTAG. Is there a way to do this?

1 ACCEPTED SOLUTION

Accepted Solutions

Your intention gets less clearer with any new posting. What part should detect the intrusion? The MCU or the debugger? And you do not want detection of another kind of debugger "intusion"?

 

Did you check https://community.st.com/t5/stm32-mcus-products/how-to-check-at-runtime-if-a-debugger-is-connected/td-p/458687?

 

View solution in original post

9 REPLIES 9

No, its not going to alert you to intrusion attempts.

You can disable the SWD/JTAG via Option Bytes / RDP Settings, in a permanent sense. Just be aware you'll not be able to use a debugger to program/debug the chip/board ever again.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..

You could perhaps not use, and associate PA13/PA14 with an EXTI, that interrupts if these signals are toggled/modulated. Use your imagination..

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
Andrew Neil
Super User

Does the Cortex-M33 have a register which tells you when a debugger is attached?

If it does, you could poll that.

If not, maybe something like this:

https://community.st.com/t5/stm32-mcus-products/stlink-emulator-with-stop-mode-condition/m-p/671060/highlight/true#M243267

 

A complex system that works is invariably found to have evolved from a simple system that worked.
A complex system designed from scratch never works and cannot be patched up to make it work.

ITM_SendChar() etc should check flagging in assorted debug units

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
Andrew Neil
Super User

The thread title says, "Protection Against Unauthorized Access via JTAG", but the opening post just asks about detecting an attached debugger - so which one do you actually want to do?

A complex system that works is invariably found to have evolved from a simple system that worked.
A complex system designed from scratch never works and cannot be patched up to make it work.
Uwe Bonnes
Principal III

U5 has system security. Read rm0456 chapter 75, especially 75.2.6 Security and 75.12. about  debug authentication register. In the cube context, there should be examples and there are also presentations/tutorials about the subject,

I want to dettect an attached debugger

Istillaga
Senior

And it is posible to detect any access via ST-Link?

Your intention gets less clearer with any new posting. What part should detect the intrusion? The MCU or the debugger? And you do not want detection of another kind of debugger "intusion"?

 

Did you check https://community.st.com/t5/stm32-mcus-products/how-to-check-at-runtime-if-a-debugger-is-connected/td-p/458687?