nRF52 microcontroller debug resurrection #ReverseEngineering @limitedresults

Resurrection of the JTAG/SWD interface on protected platforms has always been a sensitive topic in embedded security. LimitedResults dives into this topic:

This security investigation presents a way to bypass the APPROTECT on a protected nRF52840, in order to reactivate the Serial Wire Debug Interface (SWD), offering full debug capabilities on the target (R/W access to Flash/RAM/Registers, Code Exec and reprogramming). All the nRF52 versions are impacted.

Due to its intrinsic characteristics, the vulnerability cannot be patched without Silicon redesign, leading to a countless number of vulnerable devices on the field forever.

The nRF52840 System-on-Chip (SoC) is the most advanced member of the nRF52 Series SoC family. It is an advanced Bluetooth, Thread and Zigbee multi-protocol SoC built around a 64 MHz Cortex-M4F CPU.

The nRF52 has a restricted security mechanism in order to protect against Memory Readout. This security feature is called Access Port Protection (APPROTECT).

NordicSemiconductor does not provide any information about the APPROTECT mechanism.

In the blog post, a low-cost fault attack is successfully achieved on nRF52840. It allows an attacker having physical access to bypass the APPROTECT to reactivate the SWD debug interface permanently(R/W access to memories and registers, control CPU code execution, dump the Flash memory, FICR and UICR…)

See the methodology in the attack in the LimitedResults article.


8-6-2021 (August 6, 2021) is the Snakiest day of the year and it’s also this year’s CircuitPython Day! The day highlights all things CircuitPython and Python on Hardware. See you there!

Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Join 30,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org


Maker Business — Over 500,000 manufacturing jobs are going unfilled

Wearables — Stop the sweat

Electronics — Hummm… 60Hz noise in your amplifier driving you nuts?

Python for Microcontrollers — Python on Microcontrollers Newsletter: EuroPython 2021, CircuitPython 7.0.0 alpha 5 and more! #Python #Adafruit #CircuitPython @micropython @ThePSF

Adafruit IoT Monthly — Smart Agriculture, an E-Ink Newspaper, and more!

Microsoft MakeCode — MakeCode for the micro:bit - 2021 Release!

EYE on NPI — Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — NEW PRODUCTS – Silicone Keycap Molds – MX Compatible Switches

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !



No Comments

No comments yet.

Sorry, the comment form is closed at this time.