Extract MCU Embedded Firmware

When extract MCU embedded firmware, we need to use different kinds of methods to execute the process, but if we enforce the same method to different programmed or already erased MCU extraction, we can see the relationship between threshold value and other facts, such as the time of erase actions and memorizer address. We can also see from the MCU extract that even after 100 times of erase operation and the ion still be found inside the floating gate which makes the extract MCU become more possible and obtain the required content from memorizer. After 100 times of programme/erase cycles on the samples being tested, except those primitive ions which could have threshold voltage swifting when MCU extraction. At the same time, it is quite complicate to analyze and obtain the information inside the memorizer since the voltage difference between them is much higher than itself when extract MCU. As a matter of fact, the only way to avoid this kind of problem when extract MCU is using the same unit as reference, when the MCU being erased with extra time, we can compare the threshold electrical level. We acquire the same or similar result from the EEPROM of PIC16F84A. the only difference is the threshold value is quite close to the value of unit after completely erase when extract MCU. If the MCU has been erased for more than 10 times, it is hardly to get any information from the MCU when try to extract it.

In the next test, we should write all “0” in the MCU before extract operation, and the result is we can’t tell the difference between programmable and non-programed units, which means pre-program the MCU before erase any memorizer unit could be a very good way to protect the MCU being extracted.