Firas_Baccouri wrote: ↑Wed Jul 13, 2022 6:56 am
jimmo wrote: ↑Mon Jul 11, 2022 12:50 pm
But again... I would seriously question how valuable this is and whether it's worth the additional cost and complexity to your development. What are you really protecting against?
I want to prevent the micropython code running on the controller from any attacker . This is my main goal .
Your description is so broad that the only possible answer is: This is impossible. Perhaps you mean something more narrow than what "any attacker" means to all of us?
Just to give you an example of the kinds of things people can do. Back some thirty years ago I was tasked with adding non-trivial functionality to an industrial device used extensively where I worked at the time. The manufacturer had gone out of business and there was no information whatsoever to be had at all. Remember, no internet, no Google, no Stackoverflow, etc.
I don't remember the processor, it was a common rugged 8-bit processor of the era. All I had was a data book and the device.
First, I had to reverse engineer the schematic to the extent possible.
After that, I removed the ROM from the board, got the contents and dis assembled it to get an assembler listing. Oh, yes, the designer thought they were clever and mis-wired the ROM to jumble-up the bits. In other words, instead of wiring bits 0-7 to the corresponding pins on the ROM chip, they wired 5 to 2, 7 to 0, etc. An attempt to make the disassembled code meaningless. That was a wasted effort, it took no time to figure it out and create a hand-wired adaptor board to read the correctly-aligned bits with an EPROM reader.
The next phase took some time. I had to go through the assembler listing, identify variables, functions, memory map, etc. This involved such things as making changes to the code and running it to see what happened. I don't remember how long this took. It was definitely several weeks.
Finally, I identified a routine I could attack to add the functions we needed. I relocated it to the end of the ROM, where there was room to spare. I added jumps to and from that section so that to the rest of the program the routine felt like it was still at the same memory address. Once I got to that point I wrote my own code to add functions to the device and essentially appended the code to the prior function. The change in functionality was not trivial at all, however, once I had my entry point isolated it was no different from normal programming in assembler. In fact, at that point I knew so much about the firmware that we added all kinds of functionality to the device over the years and eventually built a completely new custom version of it from scratch using a newer/faster/better processor.
So, yes, if you truly mean "any attacker", then that is absolutely impossible. If you mean something less than that, maybe.
There's another point to be made. Unless your device has significant economic value or is widely deployed in an industry, there likely isn't much incentive to expend time and effort engaging in reverse engineering anything. Make sure you are not worrying about something that has a low probability of taking place.