Go Down

Topic: Protecting flash memory from being extracted - how? (Read 23 times) previous topic - next topic

A customer I'm making a simple Arduino-based appliance for has requested that it should not be possible to extract the software from the device, as it will contain sensitive account information. I know almost nothing about the function of bootloaders or the functions of the native ICSP portion on the Atmega chips - I'm just a programmer - so forgive me for the noobie questions.

I am aiming to deploy on USB-less Atmega328p boards that only offer ICSP header. Does the Atmega328 ICSP natively allow reading the flash memory using avrdude or similar, or does it require the presence of a bootloader that offers this function? Is there some kind of dedicated locking mechanism for disallowing this? Will it affect my own software's ability to read from flash memory?

Thankful for any advice on how to "lock down" the device after flashing it.

hiduino

There are two sets of lock bits, the bootloader lock bits and the memory lock bits.

The bootloader lock bits provide different levels of access read/write the bootloader section and application sections.  Since you are not using a bootloader then you can ignore these bits.

The memory lock bits provide read or write access via external Parallel or Serial ICSP programming.  This is the one to use to prevent reading from ICSP.  Setting these bits do not prevent your application from reading from Flash.

Note once you set the lock bits you can only clear them by erasing the chip.

So the quick steps are:
1. Erase the chip (avrdude will generally do this automatically when writing to flash).  This will also clear any lock bits.
2. Write your program to the chip via ICSP.
3. Write the lock bits, for the m328p, lock bits = 0x3C.  This will prevent further read/write access to flash via ICSP.



...

So the quick steps are:
1. Erase the chip (avrdude will generally do this automatically when writing to flash).  This will also clear any lock bits.
2. Write your program to the chip via ICSP.
3. Write the lock bits, for the m328p, lock bits = 0x3C.  This will prevent further read/write access to flash via ICSP.
I will try this out, thanks!

Go Up
 


Please enter a valid email to subscribe

Confirm your email address

We need to confirm your email address.
To complete the subscription, please click the link in the email we just sent you.

Thank you for subscribing!

Arduino
via Egeo 16
Torino, 10131
Italy