Enable device (PSoC3) protection

Discussion of the PSoC Creator Integrated Development Environment for PSoC3 & PSoC5 devices.

Moderator: ericb

Enable device (PSoC3) protection

Postby cboland » Tue Apr 29, 2014 10:27 am

I've written my code for PSoC3 using PSoC Creator 3.0. Now I'd like to protect my code from being read/viewed/debugged by anyone else. To do that it appears as though I "Check" the "Enable Device Protection" box under the "*.cywdr" -> "System" Tab. But, before I do that, I have two questions.

1) If I enable device protection, will I be able to write to the chip ever again? I know with Microchip one could protect the code but also had the ability to erase/re-program the chip if needed (even if it was protected). Does the PSoC3 work like that?

2) Are there any other precautions I should take to protect the code?

Thanks!
cboland
Newbie
Newbie
 
Posts: 4
Joined: Tue Jan 21, 2014 3:04 pm

Re: Enable device (PSoC3) protection

Postby bobmarlowe » Tue Apr 29, 2014 12:10 pm

Since this is a critical question I would suggest you to get reliable information directly from Cypress.
Go to Cypress, "Support&Community -> Create a MyCase".
I think some registration might be required, but one of the engineers will give you a reliable answer.


Bob
User avatar
bobmarlowe
The Big Cheese
The Big Cheese
 
Posts: 1490
Joined: Thu Oct 06, 2011 2:03 am
Location: Germany

Re: Enable device (PSoC3) protection

Postby cboland » Tue Apr 29, 2014 1:20 pm

After reading the Docs for my chip a bit deeper, they strongly imply that once you set the bits you're done!
So, I guess if you correct some bugs in your code you cannot simply reflash the device. You must replace the PCB, or remove the 100pin, $12.00 chip (in my case) and replace it with another. This is a HUGE down side to this Cypress chip!!!

If I find something different from Cypress I will update this post.
cboland
Newbie
Newbie
 
Posts: 4
Joined: Tue Jan 21, 2014 3:04 pm

Re: Enable device (PSoC3) protection

Postby bobmarlowe » Wed Apr 30, 2014 2:27 am

Normal device protection schemes get reset when you erase the chip. This is no downgrade because your project is still protected, nobody can read it.
Care should be taken for areas used ad emulated eeprom which may not be protected.
In some devices there could be a "Last Fuse" that even could prevent the device from beeing flashed.


Bob
User avatar
bobmarlowe
The Big Cheese
The Big Cheese
 
Posts: 1490
Joined: Thu Oct 06, 2011 2:03 am
Location: Germany

Re: Enable device (PSoC3) protection

Postby cboland » Wed Apr 30, 2014 8:47 am

Thanks for the info. Cypress is telling me about the same thing, but I'm still gathering info.
One thing I overlooked was the "Flash Security" tab and its settings. I have to look up what that all means too.
cboland
Newbie
Newbie
 
Posts: 4
Joined: Tue Jan 21, 2014 3:04 pm

Re: Enable device (PSoC3) protection

Postby danadak » Thu May 01, 2014 2:35 am

From the TRM -

Protection is cumulative in that modes have successively
higher protection levels and include the lower protection
modes. Flash protection can only be set once. To change
flash protection settings after they are set, the flash contents
must be completely erased and reprogrammed, then the
protection levels can be set again. See the Nonvolatile
Memory Programming chapter on page 425for erasing and
programming flash. Table 20-1shows the protection modes.


8.3 Write Once NV Latch
The Write Once (WO) latch isa type of nonvolatile latch.
The cell itself is an NVL with additional logic wrapped
around it. Each WO latch device contains 4 bytes (32 bits) of
data. The wrapper outputs a 1 if a super-majority (28 of 32)
of its bits match a pre-determined pattern (0x50536F43) and
it outputs a 0 if this majorityis not reached. When the output
is 1, the Write Once NV latch locks the part out of Debug
and Test modes; it also permanently gates off the ability to
erase or alter the contents of the latch. Matching of all bits is
intentionally not required, so that single (or few) bit failures
do not deassert the WO latch output. The state of the NV
latch bits after wafer processing is truly random with no ten
dency toward 1 or 0.
The WOL only locks the part once the correct 32-bit key
(0x50536F43) is loaded into the NVL's volatile memory, pro
grammed into the NVL's nonvolatile cells, and the part is
reset. The output of the WOL is only sampled on reset and
used to disable the access.
This precaution prevents anyone from reading, erasing, or
altering the content of the internal memory.
The user can write the key in WOL to lock out external
access only if no flash protection is set. However, after set
ting the values in the WOL, a user still has access to the part
until it is reset. Therefore a user can write the key into the
WOL, program the flash protection data, and then reset the
part to lock it. See the Flash, Configuration
Protection chapter on page 171for details on flash protec
tion.
If the device is protected with a WO
latch setting, Cypress cannot perform
failure analysis and, therefore, cannot
accept RMAs from customers. The WO
latch can be read via the SWD to electri
cally identify protected parts.


"So, I guess if you correct some bugs in your code you cannot simply reflash the device. You must replace the PCB,
or remove the 100pin, $12.00 chip (in my case) and replace it with another"

Why not use a modified bootloader ? Encrypt file supplied, unencrypt in bootloader ? Could even
add a serial number chip to design to make a public/private key bootloader process ? I have never
done this, just thinking of possibilities.

Bootloader app notes -

http://www.cypress.com/?rID=50230%20%20%20%20AN68272%20%20UART%20Bootloader

http://www.cypress.com/?rID=57561%20%20%20%20%20AN73503%20USB%20Bootloader

[urlhttp://www.cypress.com/?rID=41002 AN60317 I2C Bootloader[/url]


Regards, Dana.
Field Application Engineer
KB1RHB Mostly listen :)
Semi Retired
User avatar
danadak
The Big Cheese
The Big Cheese
 
Posts: 2008
Joined: Thu Dec 27, 2007 8:42 am
Location: New Hampshire


Return to “%s” PSoC Creator (PSoC3 & PSoC5 IDE)

Who is online

Users browsing this forum: No registered users and 1 guest