I am new to working with the Arduino's and am starting up a project trying to write a PUF for the Arduino Uno. I plan on doing this through the SRAM. I need to access the contents of the SRAM once the board starts up, but I can't seem to figure out how to access the SRAM. I have seen the library for reading and writing the EEPROM, but I can't seem to find one for the SRAM. Am I missing the library, or has anyone found a good way to access the SRAM?
Thanks
How much of it do you need.
void *pointer=malloc(howMuch);
Once all the transistors essentially stabilize after booting up, I would want to read them at that point. So does that code read an "x" amount of the SRAM?
Is this what you are trying to build...
Yes, that is what I am trying to build through using the SRAM.
...PUF for the Arduino Uno...
You will have to remove the bootloader. Or, at least, validate that it does not write to SRAM except when receiving a new image.
You may have to avoid using Arduino functions / Libc. At a minimum the first N bytes of SRAM will be initialized before your code runs.
The stack area will be written as your code runs.
The SRAM contents can be kept intact by extremely small voltages on I/O pins. Even an LED connected to a pin could interfere with what you are trying to do.
I believe Udo Klein experimented with the power-up contents of AVR processors. I suggest spending some time searching his material.
This should dump the first 256 bytes of SRAM...
void setup()
{
uint8_t const * p;
uint8_t i;
Serial.begin( 115200 );
p = 0;
i = 0;
do
{
Serial.print( *p, HEX );
Serial.print( ' ' );
++i;
++p;
if ( (i & 0xF) == 0 )
{
Serial.println();
}
}
while ( i != 0 );
}
void loop()
{
}
Spartan94:
I need to access the contents of the SRAM once the board starts up,
Isn't that exactly what is done by the C/C++ code that everyone uses ? ?
...R
@Spartan94 wants "raw" access to SRAM. The idea is the power-up values are a signature for the device.
Reading the Wikipedia article,
seems like one would be better off writing some signature bytes to the last few addresses of EEPROM or similar. Can by made unique, yet still be repeatable with power cycling.
The Wikipedia article is incomplete. I found an article from NXP that does a much better job explaining the goal.
It is possible to shave off the packaging, exposing the chip, then directly probe the chip to read the contents of Flash or EEPROM. The idea is to eliminate this form of attack. The theory is that SRAM would no longer initialize to the same value after the packaging was removed.
Spartan94:
@Coding Badly so why is the code placed in the setup?
It's your application. Put the code where it belongs.
With it only running once will this give the output of running through the SRAM and displaying every value?
I already answered that question...
Also, when viewing in the serial output, The output is not displaying as text but rather a characters. Is there any reason why this would be?
You failed to correctly set the baud rate.
hi guys
i am working on the same point
i have tested the code by codingbadly and it gives different valies for every chip
but in fact i can not understand if this code can work for the arduino to be puf ?
i have tested the code by codingbadly and it gives different valies for every chip
That sounds correct, were you expecting something different?
Grumpy_Mike:
That sounds correct, were you expecting something different?
the problem is the repetition of the values with every reset or disconnecting the power supply
the ram content act as if it is a chip ID
the ram content act as if it is a chip ID
A bit of a hairy concept that one.
It looks like you are getting a constant value with one chip and it is changing with an other chip. Is that correct? Because that is what one would expect to see.
Grumpy_Mike:
A bit of a hairy concept that one.
It looks like you are getting a constant value with one chip and it is changing with an other chip. Is that correct? Because that is what one would expect to see.
yes exactly that what i got
i think with every restart to the same chip i should get diff values
so y i had not got that ?
i think with every restart to the same chip i should get diff values
Why do you think that?
It is not what you are seeing and therefore there is nothing you can do about it. The characteristics of the chip are giving you that response.
Why does it matter anyway?
Grumpy_Mike:
Why do you think that?
It is not what you are seeing and therefore there is nothing you can do about it. The characteristics of the chip are giving you that response.Why does it matter anyway?
i am trying to use the property of sram to build puf,
Have you read that link worker on in the thread? It says
the real power of a PUF is its ability to be different between devices, but simultaneously to be the same under different environmental conditions on the same device.
Is that not what you are seeing?
To access RAM arbitrarily, you can do
byte *ramptr = (byte *)0x100;
:
byte rambyte = ramptr[address];
Note that arduino code USES a significant chunk of the RAM, and will have initialized that part to various values.
If the scheme will work at all on an AVR, and if I understand what you're trying to do, you should be able to use any fixed chunk of uninitialized memory, even if other memory IS initialized? You should be able to derive which memory is uninitialized using the same sort of linker variables used by malloc() for allocating memory from the heap:
char *__malloc_heap_start = &__heap_start;
char *__malloc_heap_end = &__heap_end;
(On the other hand, you should just be able to operate on ALL of RAM, because the initialized memory should be initialized to essentially constant values, so those values will fall out of CRC or digest-like algorithms.)
(OTTH, I have my doubts that any code worth protecting this hard HAS enough unused RAM to provide a useful ID after initialization, so you're back to checking before the sketch starts.)