Making our software for DA14583 protected

w.puchar

We want our software copy protected.
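The DA14583 currently always allows booting one's own code over RS-232, and that code can simply read all of the flash and send it out. Even without this, the flash can be accessed through external pins while the CPU is held in reset.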

From what I've read already, the OTP ROM is factory pre-programmed in the DA14583. If I read wrong, please correct me.

If not - is it possible to get DA14583 chips with unprogrammed OTP so I could program it with my own bootloader that would decrypt code from flash with our own key?

PM_Dialog
Staff

Hi w.puchar,

No, what you mention is valid: the 583 already had a bootloader in the OTP in order to boot directly from the SPI flash. But with the 583 there is the option of the advanced bootloader, in order to burn an extra loader in the OTP that will execute a decryption procedure of an encrypted. You will be able to check details of that functionality in the UM-B-012 DA14580/581/583 Creation of a secondary boot loader. The secondary bootloader also implements the encrypted image functionality.

Thanks, PM_Dialog

w.puchar
Thank you for the answer. I've read the document. I can easily test my OTP firmware without writing to the OTP, by loading it over RS-232, and then finally write the OTP.
Just to be sure - is it then (after my OTP program is written) possible somehow to circumvent its loading, or in any other way get access to read the OTP - for example via the SW* pins?

I understand it isn't, but I want to be sure.

PM_Dialog
Staff

Hi w.puchar,

You cannot make the device 100% steal proof, since if there is a will there’s a way. Instead you can try to make it difficult to hack. In order to achieve that and prevent someone from accessing the flash or OTP, you can do the following. You could use the secondary bootloader (as an advanced bootloader in the OTP and with the encryption procedure as mentioned), disable the JTAG in the OTP and modify it by disabling the UART, so when the 583 boots up it will check the advanced bootloader option before checking anything else, so it will boot with the advanced bootloader, on which you will ONLY enable the SPI option and directly boot from the internal SPI. Of course this solution is again not steal proof, since by powering off the embedded flash and booting from a flash that has a fw like the uart_programmer, one can again access your code. In any case, since you are booting from an external serial device, there is no way to make the access to your flash totally secure, but at least you will be able to make it more difficult to hack.

Thanks, PM_Dialog

w.puchar
----------------------
so when the 583 boots up will check the advanced bootloader option before checking anything else, so it will boot with the advanced bootloader
----------------------

That seems OK, as my bootloader decrypts the main firmware from flash. So there is no problem if the flash can be read. My bootloader doesn't allow booting arbitrary code from anywhere else, but it allows writing flash over my own serial protocol (for firmware update), but again only encrypted firmware is transmitted.

So can anyone run their own program (that will read out the OTP, including my encryption key and routine) without knowing the encryption keys?

PM_Dialog
Staff

Hi w.puchar,

You should be aware that if someone is willing to break into the code and run their own program, they might find a way to do that. There is no way to make the device 100% steal proof and fully protected. For example, someone can replace the flash you use and upload a new firmware into the 58x device in order to hack it. What the device will boot depends on the bootloader that is burned in the OTP; if you are confident that your bootloader is not going to allow something like that, then this is something that has to do with your custom loader. What I am supposing is that you have to make your product as protected as you are able, but there are techniques for hacking it.

Thanks, PM_Dialog
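
The last reply leaves it to the custom loader to refuse images it should not boot. The sketch below is an added example, not Dialog's secondary bootloader or the poster's code: a host-side Python model of a loader that checks an HMAC-SHA256 tag over the encrypted image before it would decrypt or boot anything. The image layout (`FWIM` magic, length, payload, tag), the size limit and the separate MAC key held in OTP are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

MAGIC = b"FWIM"               # hypothetical image marker, not taken from UM-B-012
HDR = struct.Struct("<4sI")   # magic, payload length (little-endian)
TAG_LEN = 32                  # HMAC-SHA256 tag size in bytes
MAX_PAYLOAD = 32 * 1024       # hypothetical size limit enforced by the loader


def pack_image(mac_key: bytes, encrypted_payload: bytes) -> bytes:
    """Build side: wrap an already-encrypted payload and append the tag."""
    header = HDR.pack(MAGIC, len(encrypted_payload))
    tag = hmac.new(mac_key, header + encrypted_payload, hashlib.sha256).digest()
    return header + encrypted_payload + tag


def loader_accepts(mac_key: bytes, image: bytes):
    """Loader side: return the payload to decrypt, or None to refuse the image."""
    if len(image) < HDR.size + TAG_LEN:
        return None
    magic, length = HDR.unpack_from(image)
    if magic != MAGIC or length > MAX_PAYLOAD:
        return None
    if len(image) != HDR.size + length + TAG_LEN:
        return None
    body, tag = image[:-TAG_LEN], image[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # Constant-time comparison; header and payload are both covered by the tag.
    if not hmac.compare_digest(tag, expected):
        return None
    return image[HDR.size:HDR.size + length]


if __name__ == "__main__":
    key = bytes(range(32))         # constructed key; a real one would sit in OTP
    payload = bytes([0xA5]) * 64   # constructed stand-in for encrypted firmware
    image = pack_image(key, payload)
    print("genuine image accepted:", loader_accepts(key, image) == payload)
    altered = bytearray(image)
    altered[HDR.size] ^= 0x01      # one changed bit in the payload
    print("altered image accepted:", loader_accepts(key, bytes(altered)) is not None)
```

The same check applies to images received over the update protocol and to whatever is found in flash at boot; decryption itself is outside this sketch.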