How can I best prevent, that critical commandos (e.g. open garage door) from an IoT device are being reverse engineered from the firmware? Is the following list complete / do you spot any errors? Any comments?
- Encrypt firmware patches for the device, that are available for download – cost: little – security: high
- activate the fuse lock bit on the device – cost: none – security: ?
- code obfuscation – cost: little – security: little
- HDD encryption – cost: medium – security: high
- (AES) encryption of data (device commands) at rest – cost: little – security: high
- JTAG fuse – cost: medium – security: high – con: device isn’t updatable anymore
- JTAG password – cost: low – security: ?
- hiding UART interface on the PCB – cost: medium – security: low