Microcontroller code protection technique based on simulated-hot-spot analysis of instruction access pattern

Internet-of-Thing (IoT)-enabled embedded systems are controlled by micro-controllers (MCUs) with embedded on-chip flash memory, in which the binary patterns of user software are stored and accessed during runtime. Commer-cial system implementors have made an effort to hide the embedded software code, but conventional approaches are vulnerable to aggressive instruction bus monitoring method which directly probe the bare metal layer of the chip die surface with the high-resolution equipment. The user binary code-scrambling method resolves this weak point, but this requires large memory overhead to store the corresponding flags to decode into original binary code. In this paper, we propose a method to reduce these embedded flag bits by only scrambling the binary code in frequently accessed-hot-spot regions. The custom-designed simulation method to efficiently analyze hot-spot regions is newly presented. The proposed techniques are applied to the Mentor 8051 core using a 0.18um Magnachip flash-embedded CMOS process and the benefits in terms of area reduction are evaluated for the Dhrystone benchmark.