Hello,
How hard is it really to backward engineer a .hex file distributed as part of a software update, and extract from it useful information about IP (I know there are decompilers available for practically all platforms but I never really used one)? I was considering encoding a software update file, decoding the data on the controller before IAP - but is it worth it?
Bypassing CRP - see here:
water.cse.unsw.edu.au/.../crp-security.html