Author Topic: Announcing: Bluepill Diagnostics ... V1.62  (Read 783 times)

0 Members and 1 Guest are viewing this topic.

Offline techman-001

  • Frequent Contributor
  • **
  • !
  • Posts: 748
  • Country: au
  • Electronics technician for the last 50 years
    • Mecrisp Stellaris Unofficial UserDoc
Announcing: Bluepill Diagnostics ... V1.62
« on: April 08, 2021, 01:31:08 pm »
V1.6 is a major change as I’ve found that collecting and analyzing the Device electronic signature is pointless as the same codes are used by genuine and clone mcu’s alike. Thank you to those that emailed me their XML ID dumps.

V1.62 uses three tests to determine if a MCU is a genuine STM32F103C8. It can't tell if a chip is a clone, only that it's NOT a STM32F103C8, which is much the same thing especially if the chip markings claim it is.

  • Exploit a silicon bug in genuine STM32F1xx chips where the BGMCU_IDCODE cannot be read from within the MCU without a SWD or JTAG interface connected.
  • Verify the Flash Size Register = 64KB
  • Verify that the MCU has a hidden second 64KB flash block as most STM32F103C8 chips do
.

Already I have what appears to be an unknown clone found by a user in India, full pics and details in the link below.

Please  note: V1.6 it uses a jumper between GPIOA-0 and 3.3V to select a Swdcom terminal instead of the usual USB virtual comport and user menu, so if your board has something on GPIOA-0 it could cause problems at boot.

Please see this URL for more details and the downloadable zipfile with source. https://mecrisp-stellaris-folkdoc.sourceforge.io/bluepill-diagnostics-v1.6.html

All discussions of clones found by V1.62 welcomed as are bug reports.
 
The following users thanked this post: paf, thm_w

Offline rcbuck

  • Frequent Contributor
  • **
  • Posts: 257
  • Country: us
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #1 on: April 10, 2021, 04:50:34 pm »
Is there any documentation that tells how to use this program and how it connects to the bluepill?
 

Offline techman-001

  • Frequent Contributor
  • **
  • !
  • Posts: 748
  • Country: au
  • Electronics technician for the last 50 years
    • Mecrisp Stellaris Unofficial UserDoc
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #2 on: April 11, 2021, 01:55:35 am »
Is there any documentation that tells how to use this program and how it connects to the bluepill?

How to use Bluepill Diagnostics V1.6
------------------------------------
1. Download https://sourceforge.net/projects/mecrisp-stellaris-folkdoc/files/bluepill-diagnostics-v1.6.zip
2. Flash the bluepill-diagnostics-v1.6xx inside the above zipfile to your Bluepill/Maple Board with OpenOCD or whatever you normally use. Basically you flash this binary exactly as you would flash any STM32Fxx binary.
3. Plug in a USB cable to the “Blue Pill” board and run a serial terminal program on your PC. This will also power the board.
4. Connect the serial terminal program to the "Mecrisp STM32F10x Forth Serial Port" USB device now created on your PC. Any speed is ok, I use 460800 Baud myself.
5. Press the "m" key on your keyboard to bring up the bluepill-diagnostics user menu.
 

Offline Algoma

  • Regular Contributor
  • *
  • Posts: 151
  • Country: ca
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #3 on: April 11, 2021, 03:06:47 am »
If the binary can run the diagnostics, why not simply flash a result pattern on the onboard LED... slow flash=genuine, Rapid flash=fake.
 

Offline techman-001

  • Frequent Contributor
  • **
  • !
  • Posts: 748
  • Country: au
  • Electronics technician for the last 50 years
    • Mecrisp Stellaris Unofficial UserDoc
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #4 on: April 11, 2021, 05:41:22 am »
If the binary can run the diagnostics, why not simply flash a result pattern on the onboard LED... slow flash=genuine, Rapid flash=fake.

1. It's not that simple, human intervention is still needed in areas such as running the second flash block test. Codes are written to every memory location and these are read after writing to ensure every bit is tested. This should be a operator decision as the flash does have a limited write life.

2. Having a fake doesn't mean the Bluepill is total junk depending on the type of fake or clone. This also should be a operator decision.

3. I need user feedback to continue to improve this program and I won't get that from a blinking led.

4. Fakes can be very hard to spot and the fakers will try to work around the detection methods because they work covertly in the shadows unlike Open Source Software. This is a battle of wills and I'm not making it any easier for the fakers.

5. Arduino uses a serial terminal so everyone with a Bluepill is already familiar with  them. This one uses the Bluepill  USB so it's also a good test to see if the USB does work, given the history of bad Bluepill USB resistors etc.
 
The following users thanked this post: Jacon

Offline techman-001

  • Frequent Contributor
  • **
  • !
  • Posts: 748
  • Country: au
  • Electronics technician for the last 50 years
    • Mecrisp Stellaris Unofficial UserDoc
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #5 on: April 11, 2021, 08:15:45 am »
Announcing another BIG improvement that does detect the type of clone/fake thanks to Andre's work on the F103 JDEC codes at https://www.blaatschaap.be/32f103-comparison-part-3/

V1.631 uses four tests below to determine if a MCU is a genuine STM32F103C8.

1. Exploit a silicon bug in genuine STM32F1xx chips where the BGMCU_IDCODE cannot be read from within the MCU without a SWD or JTAG interface connected.
2. Verify the Flash Size Register = 64KB
3. Verify that the MCU has a hidden second 64KB flash block as most STM32F103C8 chips do.
4. Verify that the MCU Jdec manufacturer id is that of STMicroelectronics.

The web page is the same: https://mecrisp-stellaris-folkdoc.sourceforge.io/bluepill-diagnostics-v1.6.html and identical to the html readme in the zip file release at https://sourceforge.net/projects/mecrisp-stellaris-folkdoc/files/bluepill-diagnostics-v1.6.zip which also includes the sourcecode.

Note: Website readme may lag behind the zipfile readme as updates can be slow at times.

« Last Edit: April 11, 2021, 08:23:32 am by techman-001 »
 

Offline rcbuck

  • Frequent Contributor
  • **
  • Posts: 257
  • Country: us
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #6 on: April 12, 2021, 08:10:13 pm »
techman-001, thanks for instructions. I ran several tests and got these results:

h - test second Half of the 128KB flash declared for this chip:  PASSED
d - DBGMCU_IDCODE [@ 0xE0042000] = 0x20036410
a - STM32F103C8 authentication FAILED one or more tests:
----------------------------------------------------
FAIL - Declared flash not 65536
FAIL - DBGMCU_IDCODE is readable with no SWD/Jtag connected
PASS - Second 64KB flash block verified
FAIL - JDEC manufacturer id NOT STMicroelectronics

So I guess I have a fake/clone part. The bluepill works with my application so I guess I can't complain.
 

Offline techman-001

  • Frequent Contributor
  • **
  • !
  • Posts: 748
  • Country: au
  • Electronics technician for the last 50 years
    • Mecrisp Stellaris Unofficial UserDoc
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #7 on: April 12, 2021, 09:52:31 pm »
techman-001, thanks for instructions. I ran several tests and got these results:

h - test second Half of the 128KB flash declared for this chip:  PASSED
d - DBGMCU_IDCODE [@ 0xE0042000] = 0x20036410
a - STM32F103C8 authentication FAILED one or more tests:
----------------------------------------------------
FAIL - Declared flash not 65536
FAIL - DBGMCU_IDCODE is readable with no SWD/Jtag connected
PASS - Second 64KB flash block verified
FAIL - JDEC manufacturer id NOT STMicroelectronics

So I guess I have a fake/clone part. The bluepill works with my application so I guess I can't complain.
probably a CKS32F103CBT6 what does the 'j' menu have to report ?
 

Online szszoke

  • Regular Contributor
  • *
  • Posts: 62
  • Country: se
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #8 on: April 12, 2021, 10:37:41 pm »
Does something like this exist for the Blackpill boards as well?
 

Offline techman-001

  • Frequent Contributor
  • **
  • !
  • Posts: 748
  • Country: au
  • Electronics technician for the last 50 years
    • Mecrisp Stellaris Unofficial UserDoc
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #9 on: April 13, 2021, 02:50:34 am »
Does something like this exist for the Blackpill boards as well?

I haven't designed a version of my Diagnostic binary for boards using STM32F4xx and have no such plans at  this time.
 

Offline abyrvalg

  • Frequent Contributor
  • **
  • Posts: 516
  • Country: ru
Re: Announcing: Bluepill Diagnostics ... V1.62
« Reply #10 on: April 14, 2021, 08:19:46 am »
If the binary can run the diagnostics, why not simply flash a result pattern on the onboard LED... slow flash=genuine, Rapid flash=fake.
Looks like checking the core revision in ROM table (OpenOCD: dap info, J-Link: shown at connect) is enough to detect genuine/fake (r1 - genuine, r2 - fake), no need to run any code at all. More extensive testing is needed only if you want to know which fake is it.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf