Introduction

Author: Anoop Kumar, Microchip Technology Inc.

The importance of security measures is escalating for embedded applications across various market segments, including the Internet of Things (IoT), defense, electronic banking, healthcare, security and surveillance. The microcontrollers employed in these systems are often more susceptible to cyberattacks, making them potential targets for hackers. Generally, microcontrollers are vulnerable to attacks that stem from the programming and debugging interface, which offers direct access to the CPU, memory, and peripheral registers. Additionally, microcontrollers can be susceptible to security threats through serial communication interfaces, where malware can be injected into the memory to directly access and control microcontroller resources and application firmware. Such vulnerabilities can lead to breaches in system security.

Security in microcontrollers includes protection of firmware intellectual property (algorithms and software) and protection of data stored in their memory. To protect valuable intellectual property, the 8-bit PIC® microcontrollers offer code protection features that can block attempts to read or edit the memory with a programmer or debugger. The 8-bit PIC microcontrollers offer configuration fuses, enabling users to activate various levels of memory security. These range from read/write protection to securing the Storage Area Flash (SAF) and disabling the In-Circuit Serial Programming (ICSP) interface for One-Time Programmability (OTP). These features allow for the implementation of a secure and immutable bootloader for application firmware upgrades and debugging through a wired or wireless programming interface.

The content of this technical brief focuses on the PIC18-Q24 microcontroller family; however, it is relevant to all 8-bit PIC microcontroller families. This document provides an overview of the memory organization and code protection features of 8-bit PIC microcontrollers. In addition, it explains the specific code protection features available in the PIC18-Q24 family with a particular focus on the Programming and Debugging Interface Disable (PDID) and Storage Area Flash Lock (SAFLOCK) features. It also provides brief information on how to configure these features to enable advanced code security protection for the PIC18-Q24 family of microcontrollers.