Pages: [1] 2   Go Down
Author Topic: Can I secure my code from being copied on arduino boards?  (Read 2337 times)
0 Members and 1 Guest are viewing this topic.
Offline Offline
Newbie
*
Karma: 0
Posts: 3
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Am brand new to arduino boards, just want to see if it will ba applicable for me to use them.

I want to know if the code that is uploaded to the board can be secured from copying. Perhaps locked to the particular board that it is installed on.

My ideal scenario is that I get some sort of unique board number from the board, then insert that serial number into the code somewhere, and the code checks the board's unique id on boot, if the board does not match then it does not run. This is of course dependant on whether the code within the board can also be protected from view.

thanks

Logged

Global Moderator
Boston area, metrowest
Offline Offline
Brattain Member
*****
Karma: 549
Posts: 27434
Author of "Arduino for Teens". Available for Design & Build services. Now with Unlimited Eagle board sizes!
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

1. See section 28 of the datasheet for a discussion of the Lock Bits that are provided.  You can make it difficult to copy the flash memory.
2. I imagine you will need some sort of external PROM to hold the unique number to be checked. I would think that faking the input to provide that wouldn't be all that difficult. Or even just pulliing the part off and reading all the memory locations out the same way the arduino does.
Logged

Designing & building electrical circuits for over 25 years. Check out the ATMega1284P based Bobuino and other '328P & '1284P creations & offerings at  www.crossroadsfencing.com/BobuinoRev17.
Arduino for Teens available at Amazon.com.

Seattle, WA USA
Offline Offline
Brattain Member
*****
Karma: 654
Posts: 50931
Seattle, WA USA
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
This is of course dependant on whether the code within the board can also be protected from view.
Your code is compiler and linked, and the hex file that the linker produces is uploaded to the board. That binary file can not be converted back into C++ code.

What is your real fear?
Logged

California
Offline Offline
Sr. Member
****
Karma: 3
Posts: 444
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

The arduino board is open source. Your project is not unless you make it so. As long as you don't share your files with anyone no one can see your code. And if someone really really wanted to go to some trouble they could maybe duplicate your chip. If that is a concern then CrossRoads' suggestion of Lock Bits would be of use to you.
Logged

Toledo, OH
Offline Offline
God Member
*****
Karma: 36
Posts: 514
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

You can protect yourself from "kid sister" type attacks.  But, if you need military-grade protection, forget it.  Also, keep in mind that just about any protection scheme can be broken with enough time and computer power.

I design military and hipaa-level security systems with the full knowledge that all *can* be hacked.  The goal being, that while it can be hacked, it would take as long as the universe is old to it.  We consider this length of time "infinite".  Basically, while possible, it's not really possible within the age of the universe (since the big bang).

Basically, if you need "kid sister" protection, you can do it.  But, if you need military-level protection, I think you need to look elsewhere.

Tim
Logged

Arduino - Teensy - Raspberry Pi
My libraries: NewPing - LCDBitmap - toneAC - NewTone - TimerFreeTone

Offline Offline
Newbie
*
Karma: 0
Posts: 3
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

thanks all,

I did not know if anyone could just plugin and copy the code.

My application is not complicated, but the industry is competitive, I just want basic protection from someone casually copying my solution. If someone wants to copy my solution, then I want them to at least do their own coding.

thanks again. Looks like Arduino is a good choice for me.
Logged

Offline Offline
Newbie
*
Karma: 0
Posts: 3
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

thanks to PaulS

the info about compiler and code being linked is key for me, and I hope I understand that correctly.... it means that only the same compiler install can open the code on the chip correct?

Logged

Pittsburgh, PA, USA
Offline Offline
Faraday Member
**
Karma: 99
Posts: 4837
I learn a bit every time I visit the forum.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

No. If the flash contents can be read then they can be copied to another chip or disassembled.

But what I read about lock bits says you can keep the flash from being read and that to break the lock bits wipes the flash. Perhaps someone has a way to get the flash out of the chip and read it but I have to wonder at the tools and time that would take and if the effort would be worth the reward as opposed to reverse-engineering or writing a better program or just buying the original.


Logged

I find it harder to express logic in English than in Code.
Sometimes an example says more than many times as many words.

SG
Offline Offline
God Member
*****
Karma: 11
Posts: 535
Arduino rocks
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Atmel AVR231: AES Bootloader
Download software
Quote
This application note describes how firmware can be updated securely on AVR
microcontrollers with bootloader capabilities. The method uses the Advanced
Encryption Standard (AES) to encrypt the firmware.

This application note presents techniques that can be used when securing a design
from outside access. Although no design can ever be fully secured it can be
constructed such that the effort required to break the security is as high as possible.
There is a significant difference between an unsecured design that a person with
basic engineering skills can duplicate and a design that only few, highly skilled
intruders can break. In the unsecured case, the design is easily copied and even
reverse engineered, violating the intellectual property of the manufacturer and
jeopardizing the market potential for the design. In the secured case, the effort
required to break the design is so high that most intruders simply focus on developing
their own products.
Logged

Dubai, UAE
Offline Offline
Edison Member
*
Karma: 22
Posts: 1675
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
that most intruders simply focus on developing their own products.

Quicker and easier - unless your idea is so staggeringly brilliant that no-one could copy the outcome.

Duane B
Logged


Pittsburgh, PA, USA
Offline Offline
Faraday Member
**
Karma: 99
Posts: 4837
I learn a bit every time I visit the forum.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Doesn't using a bootloader keep you from using all the locks?
Logged

I find it harder to express logic in English than in Code.
Sometimes an example says more than many times as many words.

Central MN, USA
Offline Offline
Tesla Member
***
Karma: 76
Posts: 7307
Phi_prompt, phi_interfaces, phi-2 shields, phi-panels
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Doesn't using a bootloader keep you from using all the locks?

I was guessing a yes so once you enable the lock bit, you can no longer upload code with bootloader.
Logged


Left Coast, CA (USA)
Offline Offline
Brattain Member
*****
Karma: 362
Posts: 17307
Measurement changes behavior
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Doesn't using a bootloader keep you from using all the locks?


Yes, the standard arduino lock bit values of 0x0F (for locked) and 0x3F (for unlocked) used in most standard boards prevents protection of the flash contents by being read via ICSP, serial bootloader, or even a parallel programmer. Not sure it's possible to be able to lock down the flash contents from being read by a programmer and still be able to utilize a serial bootloader.

 The locked value of 0x0F just protects the bootloader from being erased when a new upload request from the IDE/AVRDUDE erases the old sketch before writing the new sketch to flash memory.

Lefty
Logged

Pittsburgh, PA, USA
Offline Offline
Faraday Member
**
Karma: 99
Posts: 4837
I learn a bit every time I visit the forum.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

I wonder if it's possible to get into a fully locked AVR. Can the chip be planed down and somehow read with an electron microscope or like or would it be simpler than that?

Logged

I find it harder to express logic in English than in Code.
Sometimes an example says more than many times as many words.

Dubai, UAE
Offline Offline
Edison Member
*
Karma: 22
Posts: 1675
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

I think that was done to read the key on an EMV Chip card a few years back.

Duane B
Logged


Pages: [1] 2   Go Up
Jump to: