TMS570LC4357: OTP Mutability due to ECC

Part Number: TMS570LC4357

I’m using the TMS570LC4357 Customer OTP flash to try to create a secure permanent boolean. That is, a switch that can be flipped once and never unflipped. However, this is made challenging by the following:

  • All OTP flash on this device appears to be ECC flash
  • ECC correction cannot be disabled on this model MCU
  • The Flash API allows me to zero any 1’s in the ECC byte

My impression is that an attacker with arbitrary code execution could un-zero a bit of data by zeroing ECC bits. I've been able to confirm this in testing. This represents a potential security vulnerability for our intended design.

Is there documentation available on the ECC algorithm? It would be insightful to see the equations. 

My current workarounds involve zeroing 64 bits of data and its corresponding ECC byte, such that the end result is both permanent and deterministic (even if error correction returns wrong data, it will be consistently wrong in an immutable way). An algorithm would then analyze those 64 bits of data and/or 8 bits of ECC and return a boolean, to work around error correction and simulate our permanent switch. I’m thinking I could check if the ECC byte is 0 (presuming the error correction logic won't correct the error code itself), or I could count the number of high bits in the data and check that it’s below a certain threshold (presuming the error correction logic can only correct a limited number of bits).

I’m wondering if I’m interpreting this situation correctly, and if TI has any better suggestions for working around the issue.

Thanks!
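
A host-side model of the workaround described in the post above, as an added example that is not part of the original post and is not TI code. It assumes that programming can only clear bits, that the ECC byte can be read uncorrected, and that correction alters at most one data bit of a read; all names are hypothetical and the ECC algorithm itself is not modeled.

```c
#include <stdbool.h>
#include <stdint.h>

#define MAX_CORRECTED_BITS 1 /* assumption: a corrected read differs in at most 1 data bit */

/* Constructed model of one OTP word: 64 data bits + 8 ECC bits, erased = all ones. */
typedef struct { uint64_t data; uint8_t ecc; } otp_word;

/* OTP programming can only clear bits, so every write is an AND with the request. */
static void otp_program(otp_word *w, uint64_t data, uint8_t ecc) {
    w->data &= data;
    w->ecc &= ecc;
}

static int popcount64(uint64_t v) {
    int n = 0;
    for (; v; v &= v - 1) n++;
    return n;
}

/* Flip the switch: zero all 64 data bits and the ECC byte. */
void switch_flip(otp_word *w) { otp_program(w, 0, 0); }

/* Check A from the post: the raw ECC byte is zero. */
bool switch_set_by_ecc(const otp_word *w) { return w->ecc == 0; }

/* Check B from the post: the data returned by a read has few high bits. */
bool switch_set_by_popcount(uint64_t read_data) {
    return popcount64(read_data) <= MAX_CORRECTED_BITS;
}

/* After the flip, issue arbitrary further programming requests and, for check B,
 * try every single-bit change a corrector could make to the stored data.
 * Returns how many of those cases read back as "not set". */
int count_reverts_after_flip(void) {
    otp_word w = { UINT64_MAX, 0xFF };
    uint64_t x = 0x9E3779B97F4A7C15ULL; /* constructed seed for the request generator */
    int reverts = 0;
    switch_flip(&w);
    for (int t = 0; t < 1000; t++) {
        x ^= x << 13; x ^= x >> 7; x ^= x << 17; /* xorshift64 */
        otp_program(&w, x, (uint8_t)(x >> 56));
        if (!switch_set_by_ecc(&w)) reverts++;
        for (int b = 0; b < 64; b++)
            if (!switch_set_by_popcount(w.data ^ (1ULL << b))) reverts++;
    }
    return reverts;
}
```

Both checks stay true in this model because the all-zero state is a fixed point of clear-only programming; whether the real read path satisfies the one-bit assumption has to be confirmed on hardware.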