Electronic – Code Security of ARM Cortex M4 MCU

arm, cortex-m, cortex-m4

What are the main methods by which the code inside a certain ARM Cortex M4 MCU (TI LM4F120H5QR etc.) can be extracted after deployment?

Is it possible to completely stop a third party from stealing the code in it?

Best Answer

Complete is never possible. You can just raise the effort & cost.

It has nothing to do with 'cortex m4', but everything with the manufacturer's implementation of the chip.

Your chip has the usual set of read/execute protection bits. I doubt much is known in the (open) literature about the detailed weaknesses of such a new chip.

Very generally speaking, such a 'run-of-the-mill' protection scheme is OK against individual hackers, most countries, and low-budget competitors. It probably won't hold against a large corporate competitor (IBM/Apple/Google sized, especially if they own a chip fab), the CIA, or the combined effort of the hacker community.

A notable way to protect your code is to hide as little as possible, so reduce the population that will take part in hacking your product. If the 'combined hacker community' wants to do something with your device that you don't really object to, make sure they can do that without totally hacking your device. That will substantially reduce the combined effort put into hacking it.

What the mechanisms will be that can be used to circumvent the protection scheme of this particular chip can't be predicted, but you can read how other chips have been cracked for an idea of the range of methods. Just a few:

  • out-of-spec power supply voltages and/or cycling
  • careful monitoring of supply current
  • decapping the chip and disabling the protection scheme by UV light, or by cutting lines
  • decapping and reading the electrical charges (or currents) in the memory array