PSoC6 secure lifecycle attack

JeHu_3414236
Level 5

When the PSoC6 is in the secure lifecycle, the SWD/JTAG port should be disabled.  Is the check for disabling still done by software somewhere in the ROM code?  The STM32 SWD protection can be bypassed by voltage glitching.  Can this attack be done on PSoC6?

https://blog.kraken.com/post/3248/flaw-found-in-keepkey-crypto-hardware-wallet-part-2/

0 Likes
2 Replies
Rakshith
Moderator

Hi JeHu_3414236,

If the DAP is disabled by entering SECURE mode, then you will not be able to reprogram your device and you will not have any access to the ports. When you are entering SECURE mode the 'one time programmable' efuses will be programmed. The system boots up with the ROM boot code and it reads the efuse value to enable or disable the port.

According to my understanding (please correct me if I am wrong), two features of the microcontroller are misused:

1. The protection data is written in flash memory, as that is the only non-volatile memory in the microcontroller.

   This is not the case in PSoC 6: the protection settings are programmed into efuses, and these cannot be reprogrammed. So any device which enters SECURE mode can no longer be changed back to SECURE WITH DEBUG or NORMAL mode.

2. Soft reset, which just resets the core and not the entire system.

   Once the device enters SECURE mode, there is no access to the DAP port. So there is no way you can communicate with the device to do a soft reset.

Please let me know if you have any other queries/concerns.

Happy to help,

Thanks and Regards,

Rakshith M B

0 Likes

I believe the power glitch is meant to corrupt the protection data when it is loaded into a CPU register for comparison and not corrupt the flash memory.  In the PSoC case where the efuse is used, is the efuse value also loaded into a CPU register for comparison where it can be corrupted?

0 Likes
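
The question above is about a protection value that is corrupted while it sits in a CPU register for comparison. The following is an added example, not part of the thread and not PSoC 6 ROM code, of how boot firmware can make that comparison fail closed under a single fault. The encodings, the `fuse_read_fn` interface and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical encodings (not PSoC 6 values): the two states differ in all
 * 32 bits, so no single corrupted bit turns SECURE into NORMAL. */
#define LC_NORMAL 0x3C5AA5C3u
#define LC_SECURE 0xC3A55A3Cu

typedef enum { DBG_CLOSED = 0, DBG_OPEN = 1 } dbg_policy_t;
typedef uint32_t (*fuse_read_fn)(unsigned idx); /* idx 0: value, 1: complement */

/* Decide the debug-port policy. Every path that is not a fully consistent
 * NORMAL reading leaves the port closed, so one skipped branch or one
 * corrupted register is not enough to open it. */
dbg_policy_t debug_port_policy(fuse_read_fn rd)
{
    volatile uint32_t v1 = rd(0), c1 = rd(1);
    volatile uint32_t v2 = rd(0), c2 = rd(1);   /* independent second read */
    dbg_policy_t policy = DBG_CLOSED;           /* fail closed by default */

    if (v1 != v2 || c1 != c2)     return DBG_CLOSED; /* unstable read */
    if ((v1 ^ c1) != 0xFFFFFFFFu) return DBG_CLOSED; /* copies disagree */
    if (v1 == LC_NORMAL && c2 == (uint32_t)~LC_NORMAL) /* check both copies */
        policy = DBG_OPEN;
    return policy;
}

/* Constructed sample fuse images for exercising the check. */
static uint32_t rd_normal(unsigned i)  { return i ? ~LC_NORMAL : LC_NORMAL; }
static uint32_t rd_secure(unsigned i)  { return i ? ~LC_SECURE : LC_SECURE; }
/* SECURE value with one bit corrupted on its way to the register. */
static uint32_t rd_bitflip(unsigned i) { return i ? ~LC_SECURE : (LC_SECURE ^ 0x10u); }
/* Only the first read of the value is corrupted; later reads are true. */
static unsigned glitch_reads;
static uint32_t rd_one_shot(unsigned i)
{
    if (i == 0 && glitch_reads++ == 0) return LC_NORMAL;
    return i ? ~LC_SECURE : LC_SECURE;
}

int main(void)
{
    printf("normal=%d secure=%d bitflip=%d one_shot=%d\n",
           (int)debug_port_policy(rd_normal), (int)debug_port_policy(rd_secure),
           (int)debug_port_policy(rd_bitflip), (int)debug_port_policy(rd_one_shot));
    return 0;
}
```

Software checks like this only raise the number of faults that must coincide; whether the debug-port decision on a given part is taken by ROM code or by hardware is a question for the vendor's documentation.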