I have a quick question, is there any way possible to get and read the Arduino code from an Arduino Due?
If so is there a way to prevent this?
It is very easy to read the code off an Arduino.
It is not so easy to reconstitute the original C/C++ from that code.
What is a Duo?
It is trivial to "xerox" the code on an Arduino onto another board - the bootloader is capable of reading out the contents of the flash (it does this after uploading to make sure the code was uploaded successfully). But that's raw machine code - you can't get back to the C code from that, and doing anything with it other than copying it onto another chip is tedious, time-consuming work for an expert.
Depending on the board (there is no such thing as an Arduino Duo - maybe you meant due) there are various code security facilities available (lockbits on the AVRs, I don't use the SAM boards like the Due/zero so not sure how they do it); depending on the microcontroller that the specific board uses; these generally complicate the process of uploading and reprogramming. It is also not perfect - there are firms that specialize in glitching parts in order to bypass these protections.
That said, we very often get people who clearly have little experience asking this question. I don't mean offence by this, but by the time you are at a level of skill where you could write code that other people would consider worth ripping off, you will have no trouble figuring out how to use the code protection facilities from reading the relevant section of the datasheet.
sorry about the confusion of the board name, I mistyped and I actually meant the Arduino board Due
In general, "securing" the program memory of any arduino-class board will involve removing the bootloader and programming the processor with an external programmer instead. There are "secure bootloaders", but they tend not to be open source, and the bootloaders that arduino does use always permit the program memory to be read (for "verification" purposes after programming, mostly.)
DrAzzy:
It is trivial to "xerox" the code on an Arduino onto another board - the bootloader is capable of reading out the contents of the flash (it does this after uploading to make sure the code was uploaded successfully). But that's raw machine code - you can't get back to the C code from that, and doing anything with it other than copying it onto another chip is tedious, time-consuming work for an expert.Depending on the board (there is no such thing as an Arduino Duo - maybe you meant due) there are various code security facilities available (lockbits on the AVRs, I don't use the SAM boards like the Due/zero so not sure how they do it); depending on the microcontroller that the specific board uses; these generally complicate the process of uploading and reprogramming. It is also not perfect - there are firms that specialize in glitching parts in order to bypass these protections.
That said, we very often get people who clearly have little experience asking this question. I don't mean offence by this, but by the time you are at a level of skill where you could write code that other people would consider worth ripping off, you will have no trouble figuring out how to use the code protection facilities from reading the relevant section of the datasheet.
So my answer to this is simple, I understand where you are coming from, but the project I am working on is an external encryption/decryption system. The purpose of the project is to learn about security, both hardware security, and cybersecurity. So any help in fully securing the code is greatly appreciated.
westfw:
In general, "securing" the program memory of any arduino-class board will involve removing the bootloader and programming the processor with an external programmer instead. There are "secure bootloaders", but they tend not to be open source, and the bootloaders that arduino does use always permit the program memory to be read (for "verification" purposes after programming, mostly.)
how would you run it without a bootloader, and how would I remove the bootloader.
how would you run it without a bootloader, and how would I remove the bootloader.
The bootloader isn't needed at all to run sketches, it doesn't provide any "services" other than uploading.
You can use a JTAG (or maybe SWD - they tended to be handled by the same boxes) like an "Atmel ICE", or "Segger J-Link."
It is relatvely easy to copy the code in Flash memory (I didn't try myself to copy the code in SRAM if a part of the code runs from SRAM), except when lock bits are set.
However each DUE board (in fact a Sam3x8e chip) has its own unique 128-bit ID. Using this unique ID (or parts of it) inside your code at several check points would make a copy of the machine code useless on another DUE board.
Search in the DUE sub forum for an example code to read the Unique ID.
so if I understand this right if the boot loader is removed, and I use the unique ID in the code it will be hard to duplicate?
Also, that is great, but, one of my main concerns is if someone is able to get the code from the Arduino and be able to turn it into the original code. How could I prevent this?
How do you propose to remove the bootloader? It is permanently stored in ROM.
westfw:
In general, "securing" the program memory of any arduino-class board will involve removing the bootloader and programming the processor with an external programmer instead. There are "secure bootloaders", but they tend not to be open source, and the bootloaders that arduino does use always permit the program memory to be read (for "verification" purposes after programming, mostly.)
westfw:
The bootloader isn't needed at all to run sketches, it doesn't provide any "services" other than uploading.
You can use a JTAG (or maybe SWD - they tended to be handled by the same boxes) like an "Atmel ICE", or "Segger J-Link."
I know it is possible, I do not know right now
Cybertonic:
I know it is possible, I do not know right now
It might be worth you having a look here. It gives a pretty good rundown on the Due bootloader.
Oh, okay thanks for pointing that out.
Cybertonic:
... one of my main concerns is if someone is able to get the code from the Arduino and be able to turn it into the original code. How could I prevent this?
Set lock bits when you upload your code.
How do you do that?
The Arduino IDE uploads a sketch into a DUE with BOSSA:
http://www.shumatech.com/web/products/bossa
But you can upload or read a sketch from a DUE board directly by yourself:
If you have a PC, write a command "cmd", click enter. A window will open with this line:
c:\Users...>
To read or upload a .bin file, write this line after >
To read a .bin file inside the DUE:
AppData\Local\Arduino15\packages\arduino\tools\bossac\1.6.1-arduino\bossac.exe --port=COM4 -U true -r image.bin
If your COM port is the number 4, or:
AppData\Local\Arduino15\packages\arduino\tools\bossac\1.6.1-arduino\bossac -U true -r image.bin
To upload to the DUE a .bin file:
AppData\Local\Arduino15\packages\arduino\tools\bossac\1.6.1-arduino\bossac.exe --port=COM9 -U true -e -w -b image.bin
if your COM port is the number 9, or:
AppData\Local\Arduino15\packages\arduino\tools\bossac\1.6.1-arduino\bossac -U true -e -w -u -b -R image.bin
There is an option in BOSSA to set lock region bits. NOTE that some users have had issues uploading a new code once lock bits have been accidentaly set ! This thread is about this issue, with some sort of solution. This might (or not) work for you (see reply #41):