Protecting code.

Is there a way to somehow protect the code on an Arduino so no one can look at it or retrieve it from the chip? Maybe password protection or something like that. I’m going to use an Arduino in a commercial product and I want the code inaccessible to the end user.

Thanks

When you upload the code to the chip it is compiled into hexadecimal code.

That is enough to stop almost all attempts.

Second, you can’t just plug in the arduino and pull the compiled code off. You would have to have special hardware to read the chip which 99% of the consumers wont have.

and finally, code protection is useless to the determined hacker. If someone has enough drive they could potentially reverse engineer the code. Piracy is rampant in software development and they have teams trying to develop uncrackable applications only to have a few determined people reverse their efforts.

arduino_hobbyist:
When you upload the code to the chip it is compiled into hexadecimal code.

That is enough to stop almost all attempts.

Second, you can’t just plug in the arduino and pull the compiled code off. You would have to have special hardware to read the chip which 99% of the consumers wont have.

and finally, code protection is useless to the determined hacker. If someone has enough drive they could potentially reverse engineer the code. Piracy is rampant in software development and they have teams trying to develop uncrackable applications only to have a few determined people reverse their efforts.

Thanks…I wasn’t worried about the determined hackers, just the consumer thinking they can build their own if they had the program code. I was under the impression that you could just plug in with a USB and a copy of the programming software and retrieve the program. The fact that it is compiled and uploaded in hex is definitely enough. I have quite a bit of experience with PIC micro-controllers and that’s how it is with them…Don’t know why I thought the Arduino would be any different.

Thanks again.

It’s easy enough to clone the bytes loaded into the flash on most microprocessors. Most have code protection mechanisms, obviously non-reversable, i.e., unprotecting the flash erases it.

But this isn’t normally an issue with hobby/school projects.

Never underestimate the ability of someone fluent with assembly language and a few weeks worth of time. Its trivial to lift a body of obfuscated code, change the interface, and bypass security checks. An infinite number of teenage monkeys do this to huge commercial games every second of the day. An engineer with a good understanding of assembly can debug after hours it in a few weeks.

I think the Arduino has a header that allows it to be programmed with a serial “ISP” programmer. You can use this instead of the usual bootloader method of programming, which would allow you to set the code protection “fuse” (not sure why they call them “fuses”, as you can reprogram them). This will make it MUCH harder for someone to read the contents of the chip.

I’m not familiar with Arduino, but I think you might have to tweak the code and compile under AVRStudio (or similar) if you want to do this - hopefully someone else here can confirm?

If you want to protect the code from theft - set the code protection fuse bits in the AVR.

Can that be done with the Arduino programming software?

rrc1962:
Can that be done with the Arduino programming software?

As far as I know you need a serial programmer in order to play with the fuse settings.

Am I missing the point?

The Arduino home page states:

Arduino is an open-source electronics prototyping platform based on flexible, easy-to-use hardware and software. It’s intended for artists, designers, hobbyists, and anyone interested in creating interactive objects or environments.

Check this out also. http://arduino.cc/blog/2011/01/07/ardui … ow-online/

While I can understand your concerns of having your project pirated we are playing with a product (Arduino) that was designed with open-architecture in mind. I felt compelled to point this out although I would probably feel the same as you do given the circumstances.