How to prevent someone from copying my firmware by dumping out hex from flash?

Is there any way to prevent people from copying my firmware by dumping out the hex file from the flash? I am using Atmega328.

Yes. You set the fuse lock bits to read only. See

http://forum.arduino.cc/index.php?topic=93907.0

for details.

Good luck!

He wants to make it NOT readable.

You will need to program the lock bits with an ISP programmer using avrdude from commandline. You can’t do it from the IDE.

If you are using Arduino as ISP:

avrdude -c stk500v1 -PCOM3 -b19200 -pm328p -v  -U lock:w:0xC0:m

hiduino: He wants to make it NOT readable.

You will need to program the lock bits with an ISP programmer using avrdude from commandline. You can't do it from the IDE.

If you are using Arduino as ISP:

avrdude -c stk500v1 -PCOM3 -b19200 -pm328p -v  -U lock:w:0xC0:m

Thanks! Are there any side effects? Say, will it make it non-writable? What if I want to upgrade firmware in future?

No, you should still be able to erase the flash to be able to re-program again using the ISP programmer. Just do:

avrdude -c stk500v1 -PCOM3 -b19200 -pm328p -v -e

If you want to re-program using the bootloader, then you can simply re-burn the bootloader first. Burn Bootloader also does a chip erase first before programming the bootloader. Then you can hook it up normally via serial USB and program from the IDE.

So how come there's a fuse to make it read protected? Are you sure it can't be overwritten to make it extractable again?

Solution would be writing to the eeprom with a couple of values and your program simply halts if they are not precise and there at the right location or pattern, maybe you could shift the bits somehow making it complicated enough to break it without specialized tools...

That however crude is a more secure method it has to be....

cjdelphi: So how come there's a fuse to make it read protected? Are you sure it can't be overwritten to make it extractable again?

The only way to reset the lock bits is by burning the bootloader, which will ERASE the chip. At which point there is nothing except the bootloader on the chip. If someone wants to extract that they're wasting their time because the bootloader is available for free to download.

Actually, there is no 100% way to protect. For $400-$600, pirate houses in China and Malaysia will cut into the chip, disable lock bits, and read out the code. Another level of protection is to enable RSTDISBL, which prevents most users from erasing and reprogramming. But of course you no longer have access either.

Will High Voltage programming also allow you to rewrite/change the fuse bits without erasing the chip?

NOTHING allows you to change fuse w/o erasing the chip. Otherwise lock bits serve no purpose at all.

From '328P Datasheet:

28.1 Program And Data Memory Lock Bits
The … ATmega88A/88PA/168A/168PA/328/328P provides six Lock bits. These can be left unprogrammed (“1”) or can be programmed (“0”) to obtain the additional features listed in Table 28-2. The Lock bits can only be erased to “1” with the Chip Erase command.

3 Modes are offered:

1. No memory lock features enabled.

2. Further programming of the Flash and EEPROM is disabled in Parallel and Serial Programming mode. The Fuse bits are locked in both Serial and Parallel Programming mode.

3. Further programming and verification of the Flash and EEPROM is disabled in Parallel and Serial Programming mode. The Boot Lock bits and Fuse bits are locked in both Serial and Parallel Programming mode.

28.7 Parallel programming

28.7.3 Chip Erase
The Chip Erase will erase the Flash and EEPROM memories plus Lock bits. The Lock bits are not reset until the program memory has been completely erased. The Fuse bits are not changed. A Chip Erase must be performed before the Flash and/or EEPROM are reprogrammed.
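
Added example (not part of the thread or the datasheet): a decoder that maps a lock byte such as the 0xC0 written by the avrdude command above onto the three LB modes quoted from the datasheet, so a build script can confirm that read-back is actually blocked. The function names are hypothetical, the bit positions are assumed from the ATmega328P lock bit byte layout, and the BLB mode descriptions are abbreviated.

```python
# Added example: decode an ATmega328P lock byte as written with
# `avrdude -U lock:w:<value>:m`. Helper names are hypothetical.

# Assumed bit positions in the lock byte (bits 7 and 6 are unused, read as 1).
LB1, LB2, BLB01, BLB02, BLB11, BLB12 = range(6)

# (high bit, low bit) -> (mode, meaning); 1 = unprogrammed, 0 = programmed.
LB_MODES = {
    (1, 1): (1, "no memory lock features enabled"),
    (1, 0): (2, "further programming disabled; fuse bits locked"),
    (0, 0): (3, "further programming and verification disabled; "
                "boot lock bits and fuse bits locked"),
}
# Abbreviated summaries; BLB0 covers the application section,
# BLB1 the boot loader section.
BLB_MODES = {
    (1, 1): (1, "no SPM/LPM restrictions"),
    (1, 0): (2, "SPM may not write to the section"),
    (0, 0): (3, "SPM may not write; LPM from the other section may not read"),
    (0, 1): (4, "LPM from the other section may not read"),
}

def _pair(value, high, low):
    """Return the two lock bits as a (high, low) tuple of 0/1."""
    return ((value >> high) & 1, (value >> low) & 1)

def decode_lock_byte(value):
    """Map a lock byte to its LB, BLB0 and BLB1 modes."""
    if not 0 <= value <= 0xFF:
        raise ValueError("lock byte must fit in 8 bits")
    lb = LB_MODES.get(_pair(value, LB2, LB1))
    if lb is None:  # LB2 programmed while LB1 is not: no such mode is listed
        raise ValueError("LB2=0, LB1=1 is not a defined LB mode")
    return {
        "LB": lb,
        "BLB0": BLB_MODES[_pair(value, BLB02, BLB01)],
        "BLB1": BLB_MODES[_pair(value, BLB12, BLB11)],
    }

def readback_blocked(value):
    """True only in LB mode 3, where the programmer can no longer verify flash."""
    return decode_lock_byte(value)["LB"][0] == 3

if __name__ == "__main__":
    # 0xC0 is the value from the thread; 0xFF and 0xFE are constructed samples.
    for sample in (0xC0, 0xFF, 0xFE):
        print(hex(sample), decode_lock_byte(sample), readback_blocked(sample))
```

Note that LB mode 2 (for example 0xFE) blocks further programming but still allows verification, so only mode 3 addresses the original question.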