Continue to Site

Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronics Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Register Log in

lock bits of AVR (be broken?)

Status
Not open for further replies.
M

meysam_abbasinia

Advanced Member level 4
Joined
Aug 14, 2007
Messages
105
Helped
2
Reputation
4
Reaction score
2
Trophy points
1,298
Location
IRAN
Activity points
2,136
hello

I am designing a Microcontroller base device for commercial purposes, now I want to lock my code with avr lock bits. is it reliable ?
I am scared for broken lock bits. if it is true, please help me about security of my code , maybe with boot loader.

thank you for your time.
 

I think there is always to chance to break the security if enough time and money is spend but the question is if your project is so important that will make someone spend say a few thousand dollars to get the code.
 

thank you for your replay.
my project is important and we want to product it (600 pieces in a year) and I don't want to someone get my hex code.
you said lock bits of AVR not broken easy (I find out it).
is there a better way for security of my code? (a classic method?)

thanks
 

thank you for your replay
so I set lock bits and don't need any methods for security,
arch, they can copy external memory easy. this way is not good.
we can just lock bits.
 

Yes, lock bits are great, and how you wrote you did that. Some editors and compilers could make problems with that option (that is my experience).

Maybe, greater security problem could be reverse engineering. Is it possible and easy with your project or not?
 

I use small DS2401 Silicon Serial Number hidden under some parts on PCB and serial must be in pair with uC code or user will get error. Also PC software check that serial in combination with PCB serial code and PC software serial code on some time interval, some calc is done and if result like cheksum is not true then shutdown.

I think PCB sealed in good epoxy and lock bits will protect your PCB from 99% copy/paste ready users, and if you making something for NASA agency then .....
 
Last edited:

meysam_abbasinia said:
they can copy external memory easy. this way is not good.
Click to expand...

You can use a crypto memory, but I don't think that it worths it to raise the cost of the construction. 600 pieces a year is not considered to be a large production and all projects are important in a way, all projects are in a risk of a hack. You could stick to lock bits, they are pretty secure.

http://www.atmel.com/products/other/securemem/default.aspx
 
Arch Zone said:
I used battery backup rtc with ram to store the serial number. when they take the chip to read it's memory, all data has been cleared.
Click to expand...

So when the battery is depleted the customer has to send the board back to you?
The chip isn't necessarily removed, someone could easily use a bus pirate and read the serial number assuming they can figure out that it is stored there.
I guess the most secure method is to use an unconventional method that no one else uses, if no one knows about it then it takes longer to break.
Another method would be a device with a uniques serial number like a DS18B20 but this would add to the cost an use some resourced of the mcu but it would probably be possible for someone to use dummy device that reports the correct serial.

Alex
 

After install new battery and connect to computer, when initial code is sent by computer, the uC wiill check timer value (16 bits) and store it to first two byte data at address 12H - 13H. This is only for the first time, not for next operation since at 10H-11H have been filled with special code.

10H - 11H special code
12H - 13H value from timer
14H - 17H xxxx

In the computer, i send four bytes that they are byte value of memory program, it will be stored at address 14H - 17H. everytime when uC is started, they always check two rtc memory, and then use it as data pointer to read memory program and compare it with value at 14H - 17H. If customer installs new battery, they have to contact me to get new patch. Sorry, i hard to explain it.


Thank you.

I used this method because sometimes i send hex files firmware update to my customer and the lock bit is useless.
 

alex can you explain me about use DS18b20 for security aim? because I can use this temperature sensor on my board , but I can not find out that how help me about security of my code ?

thank you

-------------------

arch
your method is good but I can't use this because my customer can't tell me for new path or hex file. (thanks for your method)

I find out that I must use lock bits safely. but alex method about ds18b20 is nice (if I understand his method)
 
Last edited:

The feature I'm talking about is

Each Device has a Unique 64-Bit Serial Code Stored in an On-Board ROM

64-BIT LASERED ROM CODE
Each DS18B20 contains a unique 64–bit code (see Figure 6) stored in ROM. The least significant 8 bits
of the ROM code contain the DS18B20’s 1-Wire family code: 28h. The next 48 bits contain a unique
serial number. The most significant 8 bits contain a cyclic redundancy check (CRC) byte that is
calculated from the first 56 bits of the ROM code. A detailed explanation of the CRC bits is provided in
the CRC Generation section. The 64-bit ROM code and associated ROM function control logic allow the
DS18B20 to operate as a 1-Wire device using the protocol detailed in the 1-Wire Bus System section.
Click to expand...

Alex
 
alex I will work on your method , I try use that 64 bit unique code. that seems good :wink: and I will say conclusion of my work here.
 

The only problem is that you need customized code for each board to match the sensor code
 

that is not important, I can do it. just read 64 bit ROM code from sensor and set it in my program code in #define part and finally program my chip.
it is good idea.
 

Better use DS2401 what I suggested in post #9 its have smaller case and its smaller then TO92, and hard to identify. All knows what is DS18B20, and if there is no temp measurement in device, someone can suspect, easely dessolder from PCB read ID number and emulate them. Also DS18B20 is available in uSOP and DS2401 is available in TSOC cases. First someone must identify that small part that is DS2401,... also price is lower for DS2401.

**broken link removed**
**broken link removed**

;-)
 
Last edited:

Status
Not open for further replies.

Similar threads

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Back
Top