Skip to main content
I
Istillaga
Graduate
May 9, 2024
Solved

Detecting JTAG Access on the Board

  • May 9, 2024
  • 5 replies
  • 2137 views

Hi,

 

I am using the B-U585I-IOT20A Board and I want the board to notify me in some way if someone is attempting to access and modify its content via JTAG. Is there a way to do this?

    This topic has been closed for replies.
    Best answer by Uwe Bonnes

    Your intention gets less clearer with any new posting. What part should detect the intrusion? The MCU or the debugger? And you do not want detection of another kind of debugger "intusion"?

     

    Did you check https://community.st.com/t5/stm32-mcus-products/how-to-check-at-runtime-if-a-debugger-is-connected/td-p/458687?

     

    5 replies

    T
    Tesla DeLorean
    Graduate II
    May 9, 2024

    No, its not going to alert you to intrusion attempts.

    You can disable the SWD/JTAG via Option Bytes / RDP Settings, in a permanent sense. Just be aware you'll not be able to use a debugger to program/debug the chip/board ever again.

      T
      Tesla DeLorean
      Graduate II
      May 9, 2024

      You could perhaps not use, and associate PA13/PA14 with an EXTI, that interrupts if these signals are toggled/modulated. Use your imagination..

      A
      Andrew Neil
      Super User
      May 9, 2024

      Does the Cortex-M33 have a register which tells you when a debugger is attached?

      If it does, you could poll that.

      If not, maybe something like this:

      https://community.st.com/t5/stm32-mcus-products/stlink-emulator-with-stop-mode-condition/m-p/671060/highlight/true#M243267

       

        T
        Tesla DeLorean
        Graduate II
        May 9, 2024

        ITM_SendChar() etc should check flagging in assorted debug units

          A
          Andrew Neil
          Super User
          May 9, 2024

          The thread title says, "Protection Against Unauthorized Access via JTAG", but the opening post just asks about detecting an attached debugger - so which one do you actually want to do?

          I
          IstillagaAuthor
          Graduate
          May 9, 2024

          I want to dettect an attached debugger

          U
          Uwe Bonnes
          Graduate II
          May 9, 2024

          U5 has system security. Read rm0456 chapter 75, especially 75.2.6 Security and 75.12. about  debug authentication register. In the cube context, there should be examples and there are also presentations/tutorials about the subject,

            I
            IstillagaAuthor
            Graduate
            May 9, 2024

            And it is posible to detect any access via ST-Link?

            U
            Uwe BonnesAnswer
            Graduate II
            May 10, 2024

            Your intention gets less clearer with any new posting. What part should detect the intrusion? The MCU or the debugger? And you do not want detection of another kind of debugger "intusion"?

             

            Did you check https://community.st.com/t5/stm32-mcus-products/how-to-check-at-runtime-if-a-debugger-is-connected/td-p/458687?

             

            Terms & ConditionsAccessibility statement