EmbeddedRelated.com
Forums
   Forums    More Forums    msp430  

Guru needed

Started by marcostucchi2000 July 6, 2004
Reply by Dieter Teuchert July 8, 20042004-07-08

Brian C. Lane wrote:

>onestone wrote:
>
>  
>
>>Hi Brian
>>
>>Perhaps you'd be better off with a DSP? I do use the MSP430 for
DSP, but 
>>primarily for fairly simple filters, and, at 8k sample rate still
can't 
>>    
>>
>
>Not to give too much away, but the code is for a DSP. The '430 has a TI

>DSP's host port connected to a bunch of its I/O pins. The DSP code is 
>loaded into the DSP's RAM at bootup. Putting the DSP code into a
'430 
>with the fuse blown is a bit more secure than having it hanging out in a 
>  flash attached to the DSP.
>
>Brian
>
>  
>
Unless you need other peripherals of the MSP430, here another proposal 
for DSP firmware security:

Combine a flash with a laser ID chip (Single Wire).

Then you need the capability in the DSP firmware to read the ID. Then 
the firmware can modify itself during the first boot such as to boot and 
function later only with the unique id present (use ID for encryption). 
Imitating the ID chip is "impossible".

In this way you can choose the flash you like, development is only for 
one processor (the DSP) and you have a true serial number built into 
your device. If you choose a singlewire temperature sensor as ID, you 
have the temperature sensor of the MSP430 replaced, too.

Regards
D. Teuchert

-- 
Dipl.-Phys. Dieter Teuchert
Software und Systeme
Postanschrift:



Telefon:
Telefax:
EMail Firma:
EMail perslich:
Internet:
	Rommelstr. 6
D-76571 Gaggenau
Germany

+49 7225 989253
+49 7225 989254
info@info...
dieter@diet...
_http://www.cadt.de_

Beginning Microcontrollers with the MSP430

Reply by Brian C. Lane July 8, 20042004-07-08
Dieter Teuchert wrote:
> 
> Unless you need other peripherals of the MSP430, here another proposal 
> for DSP firmware security:
> 
> Combine a flash with a laser ID chip (Single Wire).
> 
> Then you need the capability in the DSP firmware to read the ID. Then 
> the firmware can modify itself during the first boot such as to boot and 
> function later only with the unique id present (use ID for encryption). 
> Imitating the ID chip is "impossible".
> 
> In this way you can choose the flash you like, development is only for 
> one processor (the DSP) and you have a true serial number built into 
> your device. If you choose a singlewire temperature sensor as ID, you 
> have the temperature sensor of the MSP430 replaced, too.

The problem is that the code is still in the flash, and some part of it 
has to be 'in the clear' in order for the DSP to boot. It would be
nice 
if TI had built a 'secure bootloader' into the DSP so that the flash 
could be encrypted (or at least obscured to some degree).

The basic problem is that if the code passes across wires it can be 
sniffed, disassembled and copied. The real solution is DSP's with 
integrated flash for booting.

I should probably stop before I get into trouble for talking too much 
(don't you just love working with closed source).

Brian

-- 
-----------------
Brian C. Lane (W7BCL)                      Programmer
www.shinemicro.com   RF, DSP & Microcontroller Design
Reply by Brian C. Lane July 8, 20042004-07-08
onestone wrote:

> Neat idea. Inefficient ;@} but neat. I have to
admit security has never 

Thanks :) Its actually not too terrible, overhead for the load is 
minimal, being a start address and count and most of the code goes into 
contiguous memory so most of the usage is raw data. but it would be nice 
to have it compressed as well -- that's on the list of stuff to do as 
soon as there's time (or I totally run out of space).

> been of huge concern to me in micros, having , for
a while, specialised 
> in reverse engineering. It became obvious to me that functional 
> reproduction is far cheaper than expensive software cracks. The only 
> thing I do is have a few code or data tables that are real, but which, 
> when decoded show a copyright message. Other than that first in best 
> dressed, keep every code copy, and have the next 4 versions ready before 
> mk 1 gets released.

A copyright notice is a must if you ever have to go to court to prove 
that someone has copied your code. On some older Motorola parts they had 
'extra' opcode values that could be used to obscure some pieces of
code, 
but in the end if you can read it you can copy it and you can eventually 
understand it and reproduce it.

The '430 was a part we were already using and has the added benefit of 
having a large flash (most of which was not being used  by '430 code) 
and the JTAG fuse blowing feature. We also looked hard at the LPC21xx 
series but they have no code protection at all.

Brian

-- 
-----------------
Brian C. Lane (W7BCL)                      Programmer
www.shinemicro.com   RF, DSP & Microcontroller Design
Reply by Matthias Weingart July 8, 20042004-07-08
On Thu, Jul 08, 2004 at 05:29:36PM +0200, Dieter Teuchert wrote:

> Unless you need other peripherals of the MSP430,
here another proposal 
> for DSP firmware security:
> 
> Combine a flash with a laser ID chip (Single Wire).
> 
> Then you need the capability in the DSP firmware to read the ID. Then 
> the firmware can modify itself during the first boot such as to boot and 
> function later only with the unique id present (use ID for encryption). 
> Imitating the ID chip is "impossible".

It is quite simple to imitate a Dallas one wire serial number chip (DS2401?)
by a PLD or even a faster microcontroller. They store just some bits, no
encryption, no special security. You just need to know the serial number
and as far as I remember the number is printed on the button-type case.
 
M.
Reply by Brian C. Lane July 8, 20042004-07-08
Matthias Weingart wrote:

> On Thu, Jul 08, 2004 at 05:29:36PM +0200,
Dieter Teuchert wrote:
> 
> 
>>Unless you need other peripherals of the MSP430, here another proposal 
>>for DSP firmware security:
>>
>>Combine a flash with a laser ID chip (Single Wire).
>>
>>Then you need the capability in the DSP firmware to read the ID. Then 
>>the firmware can modify itself during the first boot such as to boot and

>>function later only with the unique id present (use ID for encryption). 
>>Imitating the ID chip is "impossible".
> 
> 
> It is quite simple to imitate a Dallas one wire serial number chip
(DS2401?)
> by a PLD or even a faster microcontroller. They store just some bits, no
> encryption, no special security. You just need to know the serial number
> and as far as I remember the number is printed on the button-type case.

The 2401 is a bit small to print the serial number on :> Its a 6 pin 
SOIC(I think that's the package). Also, the full 64 bits aren't
unique, 
there are 8 bits of family code and 8 bits of CRC8 checksum. The 
remaining 48 bits are sequential from the factory, so figuring out a 
range to brute force isn't too difficult.

But its better than nothing :)

Brian

-- 
-----------------
Brian C. Lane (W7BCL)                      Programmer
www.shinemicro.com   RF, DSP & Microcontroller Design
You might also like... (promoted content)
New Research Report: The State of IoT Software Development
New Research Report: The State of IoT Software Development
New Research Report: The State of IoT Software Development
Check out Memfault's New Sandbox!
Check out Memfault's New Sandbox!
Check out Memfault's New Sandbox!