Write protecting / un-protecting a Mega 2560

Hi everybody!

I have built a system to look after my vivarium running on a Mega 2560.

It monitors temperature and uses PWM to control a ceramic heater using the 'dimmer' method, can fire a humidifier, cooling systems, turn lights on and off etc etc.

I have written software that runs on my phone and connects in via Bluetooth to allow reading and writing of settings from/to EEPROM.

So far so good.

The next step I am considering is allowing access to it over the internet via a web browser or dedicated app and here is where my problem starts.

IF I was to make this a commercial venture I would want to make absolutely sure it cannot be hacked (Yeah I know - there's always a possibility...).

So I was wondering if it's possible to flick a virtual switch which makes the board read only and then (probably using something like Google Authenticator) if I ever need to do an update I can switch it back to read/write mode.

I have all sorts of checks in place to raise alarms and turn down power in the event of an emergency but of course this could be changed if I got hacked.

I can of course build a separate system to monitor the main one that would not be internet enabled and could throw a kill switch but I'm hoping to avoid that.

Thanks for any replies!

You could close down the microprocessor using a fuse bit. After that you or anybody else won't be able to read or write the memory anymore (without using a special high voltage programming device). This is the way commercial products are often "secured". From your description it seems that you don't fear that anybody could steal your invention but that you'll be hacked over the internet. That's not possible because you cannot write to the Arduino's flash over the internet. The drawback is clear also: you are not able to update your device either.
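The "virtual switch" asked about above, sketched as an added example that is not part of the original thread or anyone's posted code: settings writes are refused unless a write-enable latch is set, and the safety ceilings are compile-time constants in flash that no settings message can move. All names and limit values are hypothetical, the `stored` struct stands in for the EEPROM copy, and how the unlock is authorised (for instance the authenticator check mentioned in the question) is outside the sketch.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hard limits compiled into flash; constructed values, not from the thread. */
#define TEMP_MIN_C 15
#define TEMP_MAX_C 40

typedef struct { uint8_t target_c; uint8_t alarm_c; } settings_t;
typedef enum { SET_OK, SET_LOCKED, SET_OUT_OF_RANGE } set_result_t;

static settings_t stored = { 28, 35 };  /* stand-in for the EEPROM copy */
static bool write_enabled = false;      /* the "virtual switch", locked by default */

/* Call only after the unlock has been authorised elsewhere (assumption). */
void set_write_enabled(bool on) { write_enabled = on; }

/* Every settings message from Bluetooth or the network goes through here. */
set_result_t apply_settings(const settings_t *req)
{
    if (!write_enabled)
        return SET_LOCKED;
    if (req->target_c < TEMP_MIN_C || req->target_c > TEMP_MAX_C)
        return SET_OUT_OF_RANGE;
    /* The alarm must sit above the target and never above the ceiling. */
    if (req->alarm_c <= req->target_c || req->alarm_c > TEMP_MAX_C)
        return SET_OUT_OF_RANGE;
    stored = *req;
    write_enabled = false;              /* one-shot: relock after each accepted write */
    return SET_OK;
}

/* The control loop reads the target through this, so even a corrupted
   stored value cannot push the heater past the flash limits. */
uint8_t effective_target_c(void)
{
    uint8_t t = stored.target_c;
    if (t > TEMP_MAX_C) t = TEMP_MAX_C;
    if (t < TEMP_MIN_C) t = TEMP_MIN_C;
    return t;
}
```

Because the limits are constants rather than settings, changing them requires reflashing the board, which is the operation the lock-bit approach in the reply governs.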