Hi, I have an LPC1788 embedded board with external NAND flash. Is it possible to put some code/function in the NAND flash that we are able to run?
Best Regards, Mostafa
But you are making sure it's you, and your company, that gets the costs. The intention is for you to save money.
Let's say you spend three weeks extra to implement this security. Will management then give you three weeks extra, to make sure it doesn't affect the quality of the rest of the software? And will the management allocate extra resources for the support - since you will get higher support costs when you get issues out in the field? And will the management allocate extra resources for the maintenance of the software, since increased complexity will introduce more errors and require you to spend more time on this software for the rest of the economical life of it?
The decision should be to maximize profit. And then you need to show that the probabilities - and the dangers of - someone reverse-engineering your software are much higher than all the costs it takes to try to protect the code.
If anyone gets access to the content of the internal ROM, then any protection you have tried will fail totally.
If you can protect the internal ROM - and make sure all critical data is there - then you can get by with a very, very, very much simpler solution. Then it's enough to just use a cryptographically strong hash function to verify the integrity of the code that is stored in external flash - and make sure you refuse to run any external code that isn't properly signed.
Right now, you are trying to build Fort Knox with several meters of armored concrete walls on a building with a dirt floor - anyone who wants the data will just dig under the walls and ignore your costly protection.
If you really have millions of dollars of value to protect, then you should pay for independent security reviews by someone who specializes in security audits. You would most probably be surprised by the security holes that are likely to show up. One single buffer overflow somewhere in your code will totally 100% invalidate every single line of advanced protection you added to your shell protection. If you want Fort Knox security, then your company must be ready to invest massive amounts of money - which is only meaningful if you have massive amounts of money to protect.
One single bad line of code in your complicated protection can make your company lose a significant amount of money in goodwill losses, and in work needed to replace the software with corrected software. And down time while the customers wait to receive the fixed software. And potentially a need for a physical visit to every installation in case that bug breaks any over-the-air remote update functionality. In short - complexity costs money. Often huge amounts of money. And complexity reduces the quality of the base functionality - the one the customers are actually paying for. That's why someone a bit up in management should sign the work order for complex solutions after having received a document that clearly describes the problems involved, and the potential for significant additional costs down the line.
Realize that most information losses don't happen from people investing heavily in breaking advanced encryption - there are just too many other ways to get access to information. It's just so much cheaper to trick you - or quite a number of other people around you - to insert that USB thumb drive they happened to find on the parking lot outside your job. And that is why a number of companies try to keep their important data on machines that aren't networked - until some unsuspecting employee decides to charge their Android phone from a USB connector.
In the end, AES-256 will just trick you into believing your data is well protected.
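The check suggested in the reply above (verify the code held in external flash and refuse to run anything that is not properly signed), as an added example that is not part of the thread. It is a Python model of the boot-time logic; the image layout, all names and the key are assumptions, and HMAC-SHA256 with a key kept in internal ROM stands in for the signature.

```python
import hashlib
import hmac
import struct

# Assumed image layout in external NAND (hypothetical, not from the thread):
#   magic "XIMG" | payload length (u32 LE) | payload | 32-byte HMAC-SHA256 tag
MAGIC = b"XIMG"
HEADER = struct.Struct("<4sI")
TAG_LEN = 32
MAX_PAYLOAD = 512 * 1024  # assumed size of the RAM region the code is loaded into

# Stand-in for a key held only in protected internal ROM (constructed value).
ROM_KEY = bytes(range(32))


def build_image(payload: bytes, key: bytes = ROM_KEY) -> bytes:
    """Build-host side: wrap the payload and append a tag over header+payload."""
    header = HEADER.pack(MAGIC, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(nand: bytes, key: bytes = ROM_KEY):
    """Boot side: return the payload only if the tag checks out, else None."""
    if len(nand) < HEADER.size + TAG_LEN:
        return None
    magic, length = HEADER.unpack_from(nand)
    # Bound the length before using it, so a forged header cannot drive the read.
    if magic != MAGIC or length > MAX_PAYLOAD:
        return None
    end = HEADER.size + length
    if end + TAG_LEN > len(nand):
        return None
    expected = hmac.new(key, nand[:end], hashlib.sha256).digest()
    # Constant-time comparison; refuse to run anything that does not match.
    if not hmac.compare_digest(expected, nand[end:end + TAG_LEN]):
        return None
    return nand[HEADER.size:end]


# Constructed sample: a NAND dump is the image followed by erased (0xFF) bytes.
PAYLOAD = b"\x00\xbf" * 64
NAND_OK = build_image(PAYLOAD) + b"\xff" * 100
NAND_PATCHED = bytearray(NAND_OK)
NAND_PATCHED[HEADER.size + 10] ^= 0x01  # single flipped bit in the code
```

The tag covers the header as well as the payload, so changing the stored length is caught by the same comparison as changing the code.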
Thank you for your help. I want to mention some issues:
1- It is true that it takes about a few weeks (about 4 six month) to implement this security, for testing and some other issues. But it is done once. If all things are automated, there is no concern about allocating extra resources, because the system has alarms for probable faults and is able to recover itself in some situations. We are already doing this for the AVR micro-controller system.
2- Considering these few weeks does not affect the cost of support, because many things will be done automatically.
3- Please consider that you developed software and hardware with weak security in a short time. What is your sense if your hardware is copied in a day and you cannot make a profit? But I think if your system has many securities, it will be hacked more time with extra costs. If we see that the software is hacked after 2 years of production time, it can be more reasonable than a month after production time.
4- Another thing that I believe: it is not related to how big and rich the company is. In my opinion, I, as an engineer, should have the most talent to protect my innovation. Starting from this simple security can end with intelligent securities.
5- As an important thing, in my opinion, stolen data from WIFI or USB flashes or something else needs much time to construct and copy the production. But if the software needs many updates and supports more capabilities, it cannot be supported furthermore. For example, one of our earlier software was cracked because of simple encryption. After that we changed the security, and by the next updates they cannot continue producing the fake software.
6- Assigning an expert team has many costs that our management system cannot accept. But they cannot accept an earlier copy of the software. In this way, taking 4 weeks is really reasonable.
At the end, we want to build a system such that when they try to remove a simple IC, the system can detect it and generate the faults.
And finally, I do not have much experience in electronic systems (about 14 years). But I hope to consider your help and support, and design to reduce the cost of maintenance as much as possible.