Dear support team,
We use Colibri VFxx modules with custom OS image WinCE 6.0.
Our task - to protect program in Flash memory against copying.
Now I protect my application by using Unique ID / UUID in Vybrid CPU.
But malefactor can read Flash memory via Bootloader menu. Right?
After that he can hack OS image and my .exe file to remove ID / UUID verification. Right?
Question: Is there some mechanisms to protect Flash memory against reading? (as it done in microcontrollers)
Currently you can dump out NAND flash pages for debugging Rebuilding an executable file from that data would not be easy.
You may protect your exe by encrypting it and decrypting its contents into RAM before executing etc. But all those systems can be hacked with a jtag emulator, probably.
You have some fuses on Vybrid that may be used for those purposes, but changing them will prevent us from doing RMAs of your module.
You can’t prevent reading from flash, since it’s not internal and the loader/os need to read it to boot and execute your image.
I do have the same question as above. So to be clear: There is no way to protect the executable from being copied? We are using the iMX6 module instead of VFxx, does this make a difference?
There are some techniques you can use to limit access to flash, but the memory is external and the processor needs to read your exe to run it. You can disable jtag interface via fuses (but we will not be able to do RMAs on your device) or encrypt your entire flash and filesystem (but this will require quite some effort on your side since it’s something we don’t provide out of the box).
You can also put your module inside the OS image, this will prevent people from getting the original exe (when executables are put inside image they are separated in different sessions), so rebuilding it will require some effort.
On microcontroller flash is internal, so they can’t prevent read/writing from outside easily.