Disabling SWD interface during production

Ask the Community
Close
Ask the Community
nav search Icon
Forums gray-arrow gray-arrow
Resources gray-arrow gray-arrow
About gray-arrow gray-arrow
Groups gray-arrow gray-arrow
nav-user Account

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

Disabling SWD interface during production

Pn_4820131
Level 1
Level 1
First question asked First reply posted
‎Nov 27, 2020 06:30 AM
‎Nov 27, 2020 06:30 AM
Jump to solution

Hi all.

I'm currently working on designing a bootloader to be loaded during manufacturing and once it's in the user's hands, the actual firmware is downloaded from our servers. Now, I'd like to permanently disable the SWD interface after the manufacturing firmware has been loaded to prevent it being dumped. I'm new to the PSoc series and I'd like to know what options I have? Can this all be done in code, or do I need a dedicated SWD programmer from PSoc to achieve this?

Thanks

0 Likes
Subscribe
1 Solution

Re: Disabling SWD interface during production

DheerajK_81
Moderator
Moderator
Moderator
First comment on KBA First comment on blog 5 questions asked
In response to Pn_4820131
‎Dec 01, 2020 10:02 PM
‎Dec 01, 2020 10:02 PM
Jump to solution

Hello,

Can you please let me know which PSoC6 device you are referring to? PSoC6 devices come with EFuses that you can burn to enter SECURE mode where the DAP is disabled completely.

Please refer to the following threads for more information:

Is it possible to prevent user to trace through SWD/JTAG?

Reversible DAP lock using EFUSE_DATA_SECURE_ACCESS_RESTRICT0

Please refer to the Architecture TRM for more information on E-fuses and lifecycle modes.

Regards,
Dheeraj

View solution in original post

0 Likes
4 Replies

Re: Disabling SWD interface during production

Len_CONSULTRON
Level 9
Level 9
Beta tester 500 solutions authored 1000 replies posted
‎Nov 28, 2020 06:15 AM
‎Nov 28, 2020 06:15 AM
Jump to solution

Pn,

In the Design Wide Resources (DWR) there is a tab called "System"

pastedImage_1.png

Select the "Debug Select/GPIO" to allow the SWCLK and SWIO pins to be used as GPIO and therefore cannot be used for debugging.

You should note the following:

In order to program the bootloader, the SWCLK and SWIO pins are used.   At powerup or RESET, these programming pins are available.  If the reset is not intercepted by the programmer, the CPU will go through the boot process and will shortly allow the SWCLK and SWIO pins to be disabled and repurposed as GPIO.

Len

Len
"Engineering is an Art. The Art of Compromise."
0 Likes

Re: Disabling SWD interface during production

Pn_4820131
Level 1
Level 1
First question asked First reply posted
In response to Len_CONSULTRON
‎Nov 28, 2020 09:08 AM
‎Nov 28, 2020 09:08 AM
Jump to solution

Thanks!! Wouldn't this post a security issue in still allowing somebody to still dump the firmware  if they control the reset line? I was hoping there are fuses connected to the swd lines which can be burned, resulting only them pins being used as GPIO?

Thanks

0 Likes

Re: Disabling SWD interface during production

Len_CONSULTRON
Level 9
Level 9
Beta tester 500 solutions authored 1000 replies posted
In response to Pn_4820131
‎Nov 28, 2020 02:42 PM
‎Nov 28, 2020 02:42 PM
Jump to solution

Pn,

You may want to speak to Cypress about your security needs.

At reset/powerup the SWDCLK and SWIO lines are available for programming AND debugging!

There are two options I am aware of to protect FLASH and possibly EEPROM and RAM.

Option #1:  There is a "FLASH SECURITY" tab in the DWR.   Here you can protect FLASH for "FULL PROTECTION".   However, I don't know what the limitations are if you want to use a bootloader and allow for in-field firmware updates.

Option #2:  The "System" tab of the DWR allows for Chip Protections of "Open", "Protected (no debugging)" and "Kill (program once and reprogramming not allowed)".   For you, probably only "Protected" is useful.  The "Kill" option blows a security fuse after programming.  This prevents any debugging and any reprogramming as well.   If you need to change the code you need to throw away the CPU.

... once it's in the user's hands, the actual firmware is downloaded from our servers.

With the above statement I don't know how you're going to protect the load the user is loading into the product in the field.   Any file supplied to the bootloader can be reverse-engineered.

Len

Len
"Engineering is an Art. The Art of Compromise."
0 Likes

Re: Disabling SWD interface during production

DheerajK_81
Moderator
Moderator
Moderator
First comment on KBA First comment on blog 5 questions asked
In response to Pn_4820131
‎Dec 01, 2020 10:02 PM
‎Dec 01, 2020 10:02 PM
Jump to solution

Hello,

Can you please let me know which PSoC6 device you are referring to? PSoC6 devices come with EFuses that you can burn to enter SECURE mode where the DAP is disabled completely.

Please refer to the following threads for more information:

Is it possible to prevent user to trace through SWD/JTAG?

Reversible DAP lock using EFUSE_DATA_SECURE_ACCESS_RESTRICT0

Please refer to the Architecture TRM for more information on E-fuses and lifecycle modes.

Regards,
Dheeraj

0 Likes