This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Reverse engineering and Hardware security

Hi Nordic Semiconductor, I am Yoganathan Sivakumar studying Master in System on chip in LUND University. I wanted to ask some technical question in industry oriented. I wanted to know companies are doing Reverse Engineering in IC? Do Nordic Semiconductor do reverse engineering in their Hardware IP's. Do Nordicsemi design hardware security module for their products. I was following your company for longtime,That's why I am posting my question. Hoping to get a reply

Parents
  • Hi,

    For protecting the software on the chip, we have something called readback protection on our nRF52-series chips. This prevents users from using a debugger to read the flash and RAM. Setting APPROTECT "disconnects" the ability to connect with a programmer/debugger, but it still allows the microcontroller to access its own flash and RAM area. See this whitepaper.

    The only way to 'reopen/unlock' the device after APPROTECT is set, is to issue an ERASEALL command through the CTRL-AP access port, and then issue a reset through the CTRL-AP. (nrfjprog --recover). This will erase the entire code flash and UICR area of the device, in addition to the entire RAM.

    Note that our nRF51 and nRF52 series are much more complex than the old legacy products(e.g. nRF24L01+), and it’s extremely difficult and close to impossible to make a counterfeit nRF5x chip.

Reply
  • Hi,

    For protecting the software on the chip, we have something called readback protection on our nRF52-series chips. This prevents users from using a debugger to read the flash and RAM. Setting APPROTECT "disconnects" the ability to connect with a programmer/debugger, but it still allows the microcontroller to access its own flash and RAM area. See this whitepaper.

    The only way to 'reopen/unlock' the device after APPROTECT is set, is to issue an ERASEALL command through the CTRL-AP access port, and then issue a reset through the CTRL-AP. (nrfjprog --recover). This will erase the entire code flash and UICR area of the device, in addition to the entire RAM.

    Note that our nRF51 and nRF52 series are much more complex than the old legacy products(e.g. nRF24L01+), and it’s extremely difficult and close to impossible to make a counterfeit nRF5x chip.

Children
No Data
Related