Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronics Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Is PIC code protection secure?

Status
Not open for further replies.

ericmar

Full Member level 5
Joined
Apr 14, 2004
Messages
278
Helped
3
Reputation
6
Reaction score
4
Trophy points
1,298
Location
Singapore
Activity points
2,941
pic24 code protection

Hi,

I would like to know how secure is the PIC code protection feature. I guess no matter how you protect the codes, there is always a way to duplicate the codes even the code protection bit is set, right?

What is the usual practice for clone prevention, be it the hardware or the codes in the MCU? How to control the production quantity if project is consigned to a contract manufacturer?

I guess some software activation can act as another layer of protection to prevent clone prevention. Right?

Any idea?

Regards,
Eric
 

kastantin

Member level 2
Joined
Mar 1, 2007
Messages
51
Helped
5
Reputation
10
Reaction score
0
Trophy points
1,286
Activity points
1,498
All PIC users ensure that, the secure is very good, you can trust it
 

ctownsend

Advanced Member level 2
Joined
Nov 27, 2004
Messages
574
Helped
93
Reputation
188
Reaction score
63
Trophy points
1,308
Location
Canada
Activity points
3,661
What is the device? 16F????

From what I have read, there is no protection in the way you write the software. If someone is doing a straight 100% copy of you code, nothing is going to help you with that. There are lots of tricks to be used to slow down or prevent disassembly, but then again the determined hacker will always win.

As for the hardware side, make sure the lock bits are programmed (this is obvious).

When you design the circuit there are some tricks to slow the hacker down:

You can file off any chip markings.
You can also change standard pinout on the board.
3 or 4 layer board with important tracks in the middle layers.

I once burned an unused pin so that reprogramming or entering programming mode was impossible. The device still worked reliably, and may still work to this day as far as I know.
Others will tell you not to do this, but if you have no choice, then take your chances and try to burn the pin without destroying any other internal components on the micro. I used a 12VDc wall wart hooked up in reverse polarity to the pin and GND ***after it was programmed and LOCKED of course***

There are lots of good articles to read, try to google "embedded design security".

One last thing, how much $$ do you want to spend on your design or product?
IF there is no limit, then use a secure microcontroller. I believe that you get what you pay for. Some Maxim/Dallas products are just too secure for the average hacker, and would deter most people from cloning your device once they find out what the cost in reverse engineering a secure microcontroller. After all, you could just pay someone to write the code from scratch rather than pay to a reverse engineering company to read the locked device.

The determined hacker will always get it, no matter what. Whether or not you code worth the cost, is up to the designer. Making the reverse engineering process difficult can slow down or even force the hacker to give up.

Good Luck
 

ericmar

Full Member level 5
Joined
Apr 14, 2004
Messages
278
Helped
3
Reputation
6
Reaction score
4
Trophy points
1,298
Location
Singapore
Activity points
2,941
ctownsend said:
What is the device? 16F????

From what I have read, there is no protection in the way you write the software. If someone is doing a straight 100% copy of you code, nothing is going to help you with that. There are lots of tricks to be used to slow down or prevent disassembly, but then again the determined hacker will always win.

As for the hardware side, make sure the lock bits are programmed (this is obvious).

When you design the circuit there are some tricks to slow the hacker down:

You can file off any chip markings.
You can also change standard pinout on the board.
3 or 4 layer board with important tracks in the middle layers.

I once burned an unused pin so that reprogramming or entering programming mode was impossible. The device still worked reliably, and may still work to this day as far as I know.
Others will tell you not to do this, but if you have no choice, then take your chances and try to burn the pin without destroying any other internal components on the micro. I used a 12VDc wall wart hooked up in reverse polarity to the pin and GND ***after it was programmed and LOCKED of course***

There are lots of good articles to read, try to google "embedded design security".

One last thing, how much $$ do you want to spend on your design or product?
IF there is no limit, then use a secure microcontroller. I believe that you get what you pay for. Some Maxim/Dallas products are just too secure for the average hacker, and would deter most people from cloning your device once they find out what the cost in reverse engineering a secure microcontroller. After all, you could just pay someone to write the code from scratch rather than pay to a reverse engineering company to read the locked device.

The determined hacker will always get it, no matter what. Whether or not you code worth the cost, is up to the designer. Making the reverse engineering process difficult can slow down or even force the hacker to give up.

Good Luck
Hi,
Thanks for your reply. I am using the PIC18F. I did take a look on the Dallas/Maxim 1-wire secure authentication products but no sure if it is going to be great help.

Added after 1 minutes:

M!k said:
Recovery for educational purpose!? ROFL.
I think as long someone pay them money, they will help to extract the codes no matter how.
 

ctownsend

Advanced Member level 2
Joined
Nov 27, 2004
Messages
574
Helped
93
Reputation
188
Reaction score
63
Trophy points
1,308
Location
Canada
Activity points
3,661
M!k said:
interesting service:
https://www.mcuservice.com/default-services_code_extraction.htm
Recovery for educational purpose!? ROFL.
I think as long someone pay them money, they will help to extract the codes no matter how.

You have to pay them in advance. So how do you know they won't rip you off?
How do you know they won't give the software to others?

ANSWER:
You don't know. You have to take your chances. The best way would be to learn to write your own code, OR pay someone to write the program for you. It would be far less expensive than code extraction for "educational purposes", then you have your own source code that can be upgraded at any time.

Good Luck
 

vsmGuy

Advanced Member level 2
Joined
Jun 26, 2006
Messages
503
Helped
44
Reputation
88
Reaction score
15
Trophy points
1,298
Location
VddVss
Activity points
3,888
Secure is a very relative term...

How much do you value your IP ?

I it's in order of thousands, then yes, the PICs you buy off retail are secure.

If it's worth Millions, .. I don't think so.
 

Status
Not open for further replies.

Similar threads

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Top