Reading protected Microcontrollers (MCU) - RussianSemiResearch



  • 1. Who is this FAQ for?

    Most engineers who develop devices based on microcontrollers are already familiar with how MCU programs are protected, so this section is unlikely to tell them anything new. However, there is a huge army of engineers and ordinary consumers of electronic devices who are not familiar with how such protection is organized in detail, but who want either to understand the details of an existing device or to create a similar one. This collection of answers is intended for them.

  • 2. Why are microcontrollers protected, and from whom?

    Many manufacturers of electronic devices try to protect their device from being simply copied by another manufacturer. Microcontroller manufacturers have accommodated them by adding to their products a function that protects the software (firmware) stored in the microcontroller's memory from being copied. Using this protection against firmware reading, manufacturers of electronic devices can protect their product from simple copying by another manufacturer.

  • 3. What is the copy protection in a microcontroller, and why can't I read the protected firmware myself?

    Typically, copy protection is set when the microcontroller is programmed, by setting a special security bit, or several bits, in the microcontroller's configuration word. Physically, these bits are located in special memory cells on the microcontroller chip. Sometimes other methods of protection are used, for example password protection, but the principle is the same. To remove the protection, it is usually necessary to change the value of this bit or these bits, although other methods of reading the contents of the microcontroller's program memory can often be used. This cannot be done by conventional means such as a programmer; it requires complex, expensive equipment that the typical developer of electronic devices does not have. Therefore we, having the necessary equipment, knowledge and experience, specialize in providing this kind of service.

  • 4. What do I gain from removing the firmware read protection?

    Suppose you have a device that you purchased from one of the manufacturers of electronic devices, and you want to produce the same device, but modified. You have neither the source code of the firmware nor the finished firmware, so you would have to design and debug the firmware completely from scratch. Compared with copying the electronic part of the device (the circuit), this costs a lot of money and time. Using our professional services, you will save both money and time in developing the device. Given a device or its electrical circuit, we can completely restore its operating algorithm and the text of the firmware in C or Assembler.

  • 5. What is the legal status of such actions?

    We read all firmware at the customer's order, for the purpose of repairing the customer's device or of studying the firmware's algorithm. All further responsibility for illegal distribution of the firmware, or for other actions with it or by means of it, lies entirely with the customer.

    Our company operates on the territory of the Russian Federation, so the relevant law is quoted below. The legislation of other countries declares a similar position.

    Article 1280 of the Civil Code of the Russian Federation, "Free reproduction of computer programs and databases. Decompiling software."


    2. A person who lawfully owns a copy of the computer program has the right to study, investigate or test the functioning of such a program without the consent of the right holder and without payment of additional remuneration in order to determine the ideas and principles underlying any element of the computer program by implementing the actions provided for in subparagraph 1 of paragraph 1 of this article.

    3. A person lawfully in possession of a copy of a computer program may, without the consent of the owner and without payment of additional remuneration, reproduce or convert the object code into the source code (decompile the computer program) or entrust other persons to perform these actions, if they are necessary to achieve interoperability of a computer program independently developed by this person with other programs that can interact with the decompiled program. ...

  • 6. What is the additional protection from reading, and why is it better than the usual protection?

    The additional three-level protection is designed to make it impossible to read the firmware by known methods. It can include from one to three levels of protection: protection against opening the package, a hidden internal cut of the pin used by the programmer for reading, and a hidden on-die removal of the control logic of the pin used for reading.

    The first level is a refractory polymer resistant to acids and solvents, which prevents access to the die.

    The second level makes it impossible to read the chip with a programmer without special expensive tools.

    The third level performs the same function as the second, but in addition, on-die restoration of the control logic in the inner layers is practically impossible, or requires very expensive equipment.

    Considering that in the overwhelming majority of cases the usual factory protection is easily overcome, additional protection is, for many expensive and complex devices, an extremely necessary measure to prevent the material losses that result when the fruits of intellectual activity fall into the hands of third parties.

  • 7. I want to install additional protection, but I'm afraid that you will read my super-secret program before installing the protection. Is there any way to install additional protection on the chip before I finally program it?

    In this case, before we install our additional protection, you can flash only the bootloader, without the main program. After we install the additional protection, you can program the main memory. The bootloader must load the main program over some interface other than the main interface used for standard programming, since the main interface will be disabled once our additional protection is installed. The bootloader itself is usually of no interest for copying. As a bootloader, you can use your own, or one modified from the microcontroller manufacturer's examples.

  • 8. I'm afraid that, after it has been read, my program may be passed to or used by third parties.

    This is excluded. We never give the firmware we have read, or the recovered sources, to anyone, and we do not store or use them for our own purposes.