PostHeaderIcon Further Improvement in Copy IC Code

Copy IC Code Further Improvement involved using a part of the main memory to control access to the data from outside. This was implemented either by latching the information stored at a certain address at power-up and treating it as a security fuse, or by using passwords to grant access to the memory.

For example, in the Texas Instruments MSP430F112 microcontroller, the read-back operation can be called only after the correct 32-bytes password is entered. Without that, only the chip erase operation is available. Although such protection seems to be more effective than previous offerings, it has some drawbacks which could be exploited in low-cost non-invasive mcu cracking such as timing microcontroller program reading and power analysis.

More details on these mcu flash recovery are presented in later articles. If the state of the security fuse is sampled from the memory during power-up or reset, it could present some room for the ic code copier to play with power glitches, trying to force the circuit to get the wrong state of the memory.

Copy IC Code Further Improvement involved using a part of the main memory to control access to the data from outside. This was implemented either by latching the information stored at a certain address at power-up and treating it as a security fuse, or by using passwords to grant access to the memory
Copy IC Code Further Improvement involved using a part of the main memory to control access to the data from outside. This was implemented either by latching the information stored at a certain address at power-up and treating it as a security fuse, or by using passwords to grant access to the memory

Comments are closed.