Use Unique ID EEPROM in Your Embedded System to Prevent Design Counterfeiting
There’s a saying that smart people don’t always finish the race first. In college, I remember some classmates copying my assignments, only to end up getting better scores than I did. Being smart didn’t necessarily guarantee me the top grades in college and watching others achieve success based on my ideas became demoralizing.
The business world is similar; it isn’t uncommon for companies to copy concepts that work well for their competitors and use it to dominate the market. Although ethically questionable, counterfeit designs are actually fairly common. As a design engineer, it is my job to make counterfeiting my design as difficult as possible.
Short of coating the entire PCB in epoxy, I’ve tried every trick possible. This includes using unique ID EEPROM (electrically erasable programmable read-only memory) to make it impossible to duplicate an exact copy of my hardware and make it operational. By including unique ID EEPROM in your embedded system, you too can prepare for the worst-case scenario and prevent design counterfeiting.
What is a Unique ID EEPROM?
An EEPROM is a type of non-volatile memory that is useful for storing small sizes of data. It is usually connected to a microcontroller via Inter-Integrated Circuit (I2C) or Serial Peripheral Interface (SPI). EEPROM has been around in the electronics scene for decades and is used for storing parameters like configuration values.
A Unique ID EEPROM is an EEPROM that carries a non-erasable ID. The length of the Unique ID varies from 32-bit to 128-bit, depending on the manufacturer. Theoretically, there is no realistic possibility of two EEPROM sharing the same ID. This is similar to the concept of a unique Media Access Control (MAC) address for your internet-capable devices.
Using a Unique ID EEPROM to Prevent Counterfeiting
In a totally unprotected embedded system, counterfeit models can be easily created by reverse engineering the PCB and extracting the firmware from the microcontroller. Of course, even with code protection features turned on, duplicating the firmware may still be possible, albeit more challenging.
Including a Unique ID EEPROM in your design and implementing verification procedures in the firmware helps prevent bulk counterfeiting. This is how I implement it in my embedded systems:
1. Create a Unique ID Reader Firmware
Create a simple firmware that reads the unique ID from the EEPROM and saves it into a file within an SD Card. This firmware is only programmed to retrieve the unique ID and will be overwritten by the actual application firmware later.
Verify against Unique ID to prevent counterfeit programs from loading.
2. Hardcode the Unique ID in Application Firmware
Then, create a special function in the application firmware to extract the unique ID from the file and write the value into the microcontroller’s internal Flash memory. The microcontroller then needs to delete the saved file in the SD card, after storing it securely.
3. Implement Verification of EEPROM ID in Actual Application Firmware
In the actual application firmware, create a function that verifies the unique ID of the EEPROM on the PCB with a hardcoded EEPROM ID in the microcontroller Flash memory. This allows only the compiled firmware with the right hardcoded unique ID to function on a particular PCB.
Pros and Cons of the EEPROM Unique ID Protection Method
As with any design, security and convenience are always at the opposite ends of a spectrum. The viability of your counterfeit protection method depends on the nature of your applications and the projected impact of counterfeiting on your business.
The obvious advantage of unique ID verification is that your embedded system cannot be counterfeited in bulk. Even if the firmware is extracted, injecting it into multiple PCBs will not lead to any of the devices becoming operational. Short of getting the microcontroller to self-destruct, this is the most secure protection measure I’ve ever implemented.
The downside of this method is that production will be a far slower process, as this involves downloading unique ID extraction firmware and using an SD card. After the unique ID is saved, the production technician would need to inject the application firmware. Furthermore, Unique ID EEPROMs are generally more expensive than their regular counterparts.
Expect a lengthy but secure process of firmware injection.
If the consequences of counterfeiting are a major concern for your business, placing a unique ID EEPROM is the best way to protect your design. This is simple to set up using versatile PCB design software like Altium Designer®. If a unique ID EEPROM is not readily available in the integrated, you can easily create one using a standard footprint.
Do you need more tips on protecting your embedded systems design from counterfeiting?