 |
 |
| View previous topic :: View next topic |
| Author |
Message |
jojos
Joined: 30 Apr 2007
Posts: 64
|
| Is my eeprom protected and how to |
 Posted: Wed Mar 11, 2009 1:54 pm |
 |
|
| Hello i am working on a project with a PIC 16F687. In this PIC i store on its eeprom some values that represent credits for water consumption charging. I wanted to ask if it is possible someone to load credits to the eeprom so he can <<hacks>> the memory without paying for these credits. This thing is crucial so i can see if there is any security for my system. Thank you. |
|
 |
Ttelmah
Guest
|
|
| Posted: Wed Mar 11, 2009 3:48 pm |
|
|
You need to enable two fuses. The first, 'CPD', prevents a programmer from accessing the EEPROM. The second, is 'PROTECT', which does the same for the main memory. This is essential, since otherwise, it is possible to bypass the protection, by updating parts of your code...
To write the chips, write one with the protection _off_. Verify it. Then enable both protection bits. If you now read the chip, you will get a encrypted version of the contents. Store this. Then blow future chips from your master code, with the protection on, and verify these against the contents to the file you stored.
Basically, if anyone turns these bits off with a programmer, the corresponding section of the chip, is completely erased. The 'read' encrypted code, cannot be written into another chip (won't work), but will always be the same, from a chip containing the identical code. Hence it works for verification.
Best Wishes |
|
|
jojos
Joined: 30 Apr 2007
Posts: 64
|
|
| Posted: Thu Mar 12, 2009 2:00 am |
|
|
| Thank you Ttelmah for your response. I tried to Protect the chip and it worked. Mainly I made this post because i can remember that in the past it worked with some atmel chips it was possible to load only eeprom data in hex format without reprogramming the flash memory. Is this possible to me made on a PIC because if it is there goes security. I see in the configuration bits that is a Data Read Protect bit. Does this prevent an outside write of the eeprom (of course if it is possible)? |
|
|
Ttelmah
Guest
|
|
| Posted: Thu Mar 12, 2009 4:10 am |
|
|
This is down to why the fuses are implemented 'inverted'.
On a PIC, you can clear a location during programming, without using an erase, but to _set_ a location, you have to perform an erase on the block involved. So to turn off the fuse protecting the EEPROM, you have to erase the configuration memory part covering both fuses. This implies that the code protection fuse also gets turned off at the same time. Each of these fuses, autoatically erases the memory it covers, if it is disabled. So you use a programmer, and turn off the EEPROM protection, and immediately, you have lost both the EEPROM contents, _and_ the program as well. You can then write whatever you want to the EEPROM, but you have no code to talk to it. Obviously you can write code back, but without the unencrypted code, you will have to write your own complete version, to give the right replies.
This though is why the code should contain hidden checks, so that when the proper system talks to it, you can verify that this is the 'real' code...
Best Wishes |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
FAQ 
Search
Register
Profile 
Log in to check your private messages 
Log in
