Site icon Break IC, Recover MCU, Microcontroller Reverse Engineering

Discover Chip Firmware

The next possible way of dicover chip firmware from a device is playing around with its interface signals and access protocols. Also, if a security protocol is wrongly implemented, that leaves a hole for the MCU cracker to exploit.

Some microcontrollers and smartcards have a factory-test interface that provides access to on-chip memory and allows the manufacturer to test the device. If an ic cracker can find a way of exploiting this interface, he can easily discover the firmware stored inside the chip. Normally information on test circuits is kept secret by the manufacturer, but an mcu cracker can try applying different voltages and logic levels to the pins in the hope that it will put it into test mode.

This sometimes works for microcontrollers but in smartcards such test circuitry is usually destroyed after use. Also, embedded software developers sometimes implement functions that allow reading from MCU internal memory for test and update purposes. That must be done in a way that prevents any access to the code without proper authentication, or so that the code can be sent out in encrypted form only.

The next possible way of dicover chip firmware from a device is playing around with its interface signals and access protocols. Also, if a security protocol is wrongly implemented, that leaves a hole for the MCU cracker to exploit
Exit mobile version