Hi,
My customer has implemented the AES128 stack on a MSP430F2xxx eval board. The prototype works, but the customer has concerns regarding code security.
Application: battery pack authentication for (AED) Automated External Defibrillators. Note: RFID was considered, but will not work due to wire interface requirements.
- Customer has a prototype implemented in MSP430F2xxx. Engineer download AES128 stack and implemented it in an eval board with 4k flash and I2C
- Customer understands the BSL attack and decap methods of stealing IP
- Customer understands that MSP430F5xxx BSL is more secure since it erases code on incorrect password
- Customer understands that decapsulating a chip and examining the metallization layers is not hard to do, and can be done with minimal investment in equipment
In order to help the customer quantify the chances of counterfeit battery packs, can you answer these questions?
Questions:
- Is it possible to completely disable the BSL in order to eliminate it as a way to steal IP?
- Assume the attacker decapsulates the chip. Did TI employ any tricks to make it more difficult for the attacker to decipher the code?
Thanks,
Rick
