• State Resolved
  • Locked Locked
  • Replies 8 replies
  • Subscribers 79 subscribers
  • Views 6697 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

How can I make MSP430 undebugable and unreadable but erasable and rewriteable

BasePointer
Expert 1570 points
Other Parts Discussed in Thread: MSP430F47187

Hi,

We are using MSP430F47187 for one of our project. I wonder the way of making it secure for mass production.

Secure meas here that:

- Not possible to debug available code

- Flash content can not be read by external interface such as JTAG or BSL

- Erasing whole flash and rewriting something new is possible over JTAG.

 

10x,

BP.

  • 0
    Guru 227245 points

    All MSPs feature a JTAG fuse. If it is blown, no more JTAG access is possible.

    On older MSPs, this is a physical fuse. Blowing it requires a programmer (FET) that is capable of producing a high overvoltage on the TEST pin and handle the blow process. On newer MSPs, the fuse is a dedicated flash area and checked by the MSPs reset microcode. Here any programmer should be able to 'blow' it.

    What's left then is the Bootstrap loader. The BSL is password protected. On older MSPs, a wrong password will simply be rejected and leave you only the option to do a mass erase (or reset and try again). On newer MSPs, a wrong password will automatically do a mass erase. After a mass erase, the code and info memory are gone and the BSL accepts the standard password as well as commands for programming the MSP.

    However, as long as JTAG is enabled, programming, readign and debugging is possible. If JTAG is disabled, no more JTAG access (including erase and reprogramming) is possible. Only the BSL remains.
    Be aware that most of the G series devices do not have a BSL.

  • 0 in reply to Jens-Michael Gross
    Expert 1570 points

    We are not using BSL. For the JTAG, I think our MSP is new. So Is that flash area which indicates fuse status, erasable with JTAG?

    Or can I change it with code running on MSP?

     

    10x.

     

     

  • 0
    Guru 12160 points

    Devices with the flash BSL (5xx/6xx) can give you what you are looking for, but not the F471xx I'm afraid.

    To prevent JTAG reading and debugging, you'd have to burn the JTAG fuse, which is irreversible.  Then no more JTAG, not even to erase and reprogram.

    However, on flash BSL devices, you can mass erase the device using the BSL.  Then you can use the BSL to install code that restores JTAG.  The device is then fully restored.

    Jeff

  • 0 in reply to Jeff Tenney
    Expert 1570 points

     

    This is another very bad news from TI :(

     

    Thanks.

  • 0 in reply to BasePointer
    Guru 227245 points

    BasePointer said:
    This is another very bad news from TI

    Hey, you cannot eat the cake and keep it. If you can re-enable JTAG through JTAG, then everyone can, making the JTAG fuse a joke.

  • 0 in reply to BasePointer
    Guru 227245 points

    BasePointer said:
    This is another very bad news from TI

    Hey, you cannot eat the cake and keep it. If you can re-enable JTAG through JTAG, then everyone can, making the JTAG fuse a joke.

  • 0 in reply to Jens-Michael Gross
    Expert 1570 points

    Do you mean TI did it like that because of security? :)

  • 0 in reply to BasePointer
    Guru 227245 points

    Security is the only reason for things like a JTAG fuse. So it should better be secure. Else it is like a sign 'burglary forbidden' on an open door - it won't keep the criminals away and make the others laugh.

**Attention** This is a public forum