Protecting agaist reverse engineering

Gus50310 · December 4, 2016, 6:36pm

Hi
Is it easy to reverse engineer a .NET Micro Framework .exe (this is on a G30 TH Module) and if so what can be done to offer some protection to it being done?
If you have any suggestions or questions please let me know…Thanks
Gus50310

Gus_Issa · December 4, 2016, 7:57pm

But easy but can be done. We are researching ways to adding such feature.

Brett · December 4, 2016, 9:05pm

Gus means “not easy”, I suspect…

Gus_Issa · December 4, 2016, 9:48pm

Yes not easy

Frogmore · December 6, 2016, 10:40am

But typing gets Gus again

Gus50310 · December 9, 2016, 7:22am

Thanks for taking the time to reply GHI Gus.
I am assuming some of the tools I have looked at for the “big” .NET environment like https://rustemsoft.com/freeware_obfuscator.htm are not applicable to the .NET Micro Framework.
If there are any suggestions are questions please let me know…Thanks
Gus50310

CW2 · December 9, 2016, 8:30am

@ Gus50310 - Well, it’s actually pretty easy to do that as STM32F microcontrollers support hardware flash readout protection. The detailed description on various protection levels and how to enable them using STM32 STLink utility can be found in AN4701 (PDF).

Regarding the obfuscation, in such embedded environment it is basically worthless. Given the [relatively small] assembly size, [desirable low] overhead added by the obfuscator and tools such as de4dot, we are talking about a minute to get the source code. Except maybe for the best (most expensive) obfuscators, whose code most likely will not work in NETMF runtime.

Gus_Issa · December 9, 2016, 10:19am

@ CW2 - G30 chips are locked. You can’t do flash read.

Mr_John_Smith · December 9, 2016, 10:21am

@ CW2 - The STM32s also support booting code from SD card. So let’s say you write a program, boot from SD and then read out the flash using that program. How was your IP protected by the inability to access the flash memory externally?

Gus_Issa · December 9, 2016, 10:26am

@ Mr. John Smith - G30 is locked. Unless you are using a raw STM chip.

Mr_John_Smith · December 9, 2016, 8:35pm

@ Gus - So they can’t be commanded to boot from anything other than internal Flash?

Gus_Issa · December 9, 2016, 10:18pm

@ Mr. John Smith - you shouldn’t or this is very bad for our IP.

CW2 · December 10, 2016, 4:13am

@ Mr. John Smith - By enabling PCROP (Proprietary Code Read Out Protection) for sectors where IP code is located. These sectors are protected against D-Code bus read accesses, so the code can only be executed.

Regarding the booting,

[quote]Read protection Level 2

When booting from Flash memory, the memory content is accessible to user code.
However, booting from SRAM or from system memory bootloader is no more possible.
[/quote]
You’d probably disable all application-level booting options before even considering flash memory readout protection or PCROP.

Mr_John_Smith · December 10, 2016, 9:58am

@ CW2 - So once you set the read protection level to 2 and you’re booting from flash, it is impossible to force the system to boot from SRAM or other. Correct?

Gus50310 · December 18, 2016, 10:23pm

Thanks Mr John Smith, CW2 and GHI Gus for taking the time to reply.
Gus50310