Micro controller security

[IconicPCB]

How does the protection fuse / bit work on modern microcontrollers and is there a way of defeating them other than chaving the top off the package and directly inspecting the dice.

[ejeffrey]

Also if your code has a bug the user might be able to exploit that to dump some or all of the protected memory.

What are you trying to protect (or attack,depending on which side of the lock bit you are on)?  Encryption keys are extremely vulnerable to DPA.  If you actually need secure key storage you should be using a dedicated security processor that has mitigations against DPA and other side channel attacks. 

[ataradov]

Inspection will not do you any good. Typically security fuse is covered under a metal layer. But depending on the device, other attacks are possible.

[NiHaoMike]

Also if your code has a bug the user might be able to exploit that to dump some or all of the protected memory.

Or glitch out the CPU with a voltage dip to get it to say more than it should.

[woofy]

Given enough effort, possibly nothing is secure. Take a look at the work of Dr Sergei Skorobogatov at Cambridge University.
https://www.cl.cam.ac.uk/~sps32/

[Rerouter]

Most security is just about making things awquard enough that most people give up at a glance, if someone really wants to break in to it, its only a matter of time and resources,

For a starting point, have a look at the chinese websites offering you to post in a chip and they will return the firmware, avoid those models,

E.g. ATM terminals have multiple security systems all made to throw away the key at a moments notice, but people just collected enough of them to bypass all these security features,
Things I'm aware they had to bypass:
multiple case open detection switches
multiple light sensors on the pcb when the case was opened in light, it drops the key
secure area had a wiring security mesh covering the key store, if a trace was broken or shorted it would drop the key

and many others

These all just take time, e.g. a dremel tool, some reverse engineering and a color of light that the sensor is not able to respond to,

Most microcontrollers are beaten and dumped by power glitch techniques and a number of others are simply beaten by out of order programming methods, where you dont erase the flash, but write a tiny boot loader to dump the rest of the memory to the first block, reverse what you have jumped, find a call you could use and then on a second device write that block to dump the start of the code,

If you use the fuses to disable serial programming, most of the time high voltage parrellel programming can get around it with similar methods to above

Only after all of this easy stuff is ruled out would the microcontroller die attacks possibly begin, and they are way more capable than you could imagine, able to selectivly remove or add insulators and conductors bit by bit to carve holes through all types of security features in microchips, these people cost really money, but there is almost nothing you can hide from them short of burying the secure areas under so much critical hardware that they run out of routing space,

There is even things like cold boot attacks, your volitile memory is temperature dependand, what is stored in RAM doesnt get erased if the chip is cooled to -20C, same for NVRAM and others the data can remain there for literally hours, so most of the kill power to erase keys methods can be defeated by a night in a lab fridge.