Go Down

Topic: How to prevent reading my sketch? (Read 1 time) previous topic - next topic

Markino76

Hi guys, I'm developing a little gadget based on Arduino Nano v3 and I'd like to prevent others to read, modify or overwrite my sketch...
I thought I could fill with a black resin my box but what about the code and the usb access?
On usb I need the serial monitor working so just disable (se or hw) the sketch reading writing would be fine

jremington

#1
Nov 01, 2017, 05:16 pm Last Edit: Nov 01, 2017, 05:19 pm by jremington
Your sketch in not on the Arduino -- only a translated, machine code version is uploaded, and it is very difficult to interpret.

However, you can set the code protection or "lock" bits, which in principle prevents people from reading even the machine code. That does not prevent anyone from erasing everything, and reprogramming your gizmo for something else.

Markino76

Thanks, can you help me with that code protection and lock bit? How to set it?

jremington


dannable

Once I had figured out how your program works, how long would it take me to write my own version? That would be quicker than downloading and disassembling what was on the processor.
Beginners guide to using the Seeedstudio SIM900 GPRS/GSM Shield

Markino76

Ok but... what about preventing "cloning" my gadget?
I'd like to be sure no one can just download my sketch and upload on another Arduino based gadget without undestrabd how it works.
For instance I'd implement my own communication protocol....

Delta_G

I see people all the time worried that someone might steal their code.  There are a few things you need to understand:

1.  Given access to the device and unlimited resources there is nothing you can do to stop me from getting the program out.  Eventually I'm down to the level of spending tons of money to disassemble the chip and an electron microscope to try to read out the ROM, so you might make it very hard but can never make it imposible.

2.  There is nothing that you can do with an Arduino that someone competent can't reverse engineer and copy without ever seeing your code. 

3.  Protecting communication protocols is even harder, because all I need to do there is sniff the wires and do a little work and I have your protocol. 


What is it that you are really worried about?  Someone being able to see your idea?  Is there some secret password or something on the Arduino that needs to be protected?  If you're just worried about being plagiarized then it's not worth it.  Protect the ideas and concepts with patents, but you really can't protect your code from people who know what they're doing. 
If at first you don't succeed, up - home - sudo - enter.

jremington

#7
Nov 03, 2017, 10:20 pm Last Edit: Nov 03, 2017, 10:21 pm by jremington
I recently ran across a "mystery chip" on a board, a PIC 12F629 processor with one output line and no input lines.

Since I had access to the programming pins, I attempted to read out the code, only to find out that the "lock bits" were on.

Then I used an oscilloscope to see what that output was doing: it emitted a 50 usec pulse every few milliseconds, just to keep the rest of the system alive. 

The entire program probably consisted of 5 lines of code but the programmer wanted to make sure that no one else could download it!

Delta_G

I think suffice it to say, by the time you're capable of writing code that would really have any need to keep secret, you'd know how to find out information about things like lock bits and wouldn't be asking on an internet forum. 
If at first you don't succeed, up - home - sudo - enter.

tibtib

If you need to protect the software, then make sure you include  some "failsafe" code so that the gadget will lock up and not be functional outside of its normal environment. For example, have some of the code in eprom and overwrite it as part of the kill process.

If you need to protect the hardware from being discovered and duplicated, then you may want a means for physical self-destruction as a last resort (doomsday scenario). A few creative lines of code would probably do the trick.

As mentioned above, you can't prevent reverse engineering but you can at least make it somewhat difficult and time consuming.

Go Up