I was interested in how to change the signature. I can read it OK.
theoritically it is an EEPROM so it can be modified
There is nothing in the datasheet suggesting the signature bytes are in EEPROM.All the references only indicate reading is possible, such as:28.7.13 Reading the Signature Bytes The algorithm for reading the Signature bytes is as follows (refer to "Programming the Flash" on page 293 fordetails on Command and Address loading):1. A: Load Command "0000 1000".2. B: Load Address Low Byte (0x00 - 0x02).3. Set OE to "0", and BS1 to "0". The selected Signature byte can now be read at DATA.4. Set OE to "1".Nowhere will you find "Writing the Signature bytes"
over the years there have been a couple instances of these being altered by accident but some years back i also changed signature bytes in some tiny on purpose as described in the freaks thread linked above. since it was a scientific experiment and not particularly useful i did not bother to document but similar to that procedure:This is via the HV programming logic; If someone maps it out on the other methods, I would like to learn too.To erase the signature and calibration rows, modify your programming software so that bit7 of the first instruction byte of chiperase is set. That is, the sdi/sii pairs80,CC 00,64 00,6CWill erase the signature and calibration rows.Before attempting this, read out ALL 16+16 bytes of signature and calibration. The documentation states that 2 bits in the second pair of read_sig_byte are address bits; This is untrue, there are 4 address bits for T13. Likewise for read_cal_byte, the second pair has 4 address bits.After you have erased the signature and calibration rows, load the flash programming instruction, followed by 16 words of data as one usually would for programming flash. Then, instead of executing flash_load_high_address_page_program, loadsdi 1xx1 x011 0000 0000 0000 0000sii 0101 0101 0100 0101 0011 0101instead (let's call it sig_page_program).The low bytes end up in signature, the high bytes end up in calibration.And the calibration value written here IS used after reset. The higher undocumented sig/cal bytes may or may not have interesting control functions :-)The method employed for this was brute force; I had a program fire off one random sequence after another, checking the chip state after each sequence. It spat out a number of interesting patterns, and I then had to figure out what part of the pattern was significant. Beware: Like the documented keep_eeprom_during_chiperase fuse, there is also an undcumented bit somewhere, 'keep signature rows during chiperase'; During some of my experimentation I managed to erase it on one of my devices and I haven't been able to find it, thus every time I do a normal chiperase the signature of this particular device is erased too.edit: my bit patterns are given without 0_ and _00 padding.i was able to alter several different chips but with no real application put little effort into saving the utilities or hardware (couple npn). now wish i did. a friend of mine also managed it but im not sure he still has more details. i will check.