
The Programming and Debugging Interface Disable (PDID) feature on PIC® and AVR® microcontrollers (MCUs) provides strong, hardware-based security for embedded systems. Our MCUs have long protected application code and data from breaches, and PDID extends this protection, allowing deployed designs to protect against sophisticated attacks that use the programming and debugging interface. Once enabled, PDID irreversibly locks a device against being erased or reprogrammed through the serial programming and debugging interface, effectively configuring the microcontroller as either a one-time programmable device or a device that can only be updated through a bootloader.

Programming and Debugging Interface Disable Diagram

What Is PDID?


During pre-production, a device undergoes frequent changes, including changes to its firmware, configurations, encryption keys and/or bootloader code, until the design is refined and ready for production. Because PDID is a one-way fuse, it should be enabled during this final production stage, just before deployment. Care should be taken to avoid enabling it until all pre-production is complete.

Enabling PDID on a device provides a hardware-based security layer, protecting it from external tools attempting to:

  • Inadvertently or maliciously alter or erase firmware
  • Steal or alter proprietary code
  • Access or tamper with secure keys

Once PDID is enabled, application code and data in memory are no longer accessible through the programming and debugging interface (ICSP for PIC MCUs and UPDI for AVR MCUs). Three levels of security can be implemented, depending on the specific need for the device. These settings, which place the device in one of the following modes, are configured before PDID is enabled:

  1. One-time programmable: In this mode, the device can no longer be reprogrammed or erased through any means. Application code and sensitive data are neither accessible nor updateable by external tools.
  2. Firmware updates through an immutable bootloader: If a bootloader is created and added to a design, firmware updates can be accomplished via a bootloader host application. By using code protection and PDID, the bootloader on the device is considered immutable; it is guaranteed to always be there, as it cannot be overwritten or erased.
  3. Firmware updates through a secure bootloader: For applications requiring encrypted firmware updates from a host application, a secure element such as the ATECC608C can be added to authenticate and encrypt the update and create a secure bootloader.

We offer both Quick Turn Programming (QTP) and Serialized Quick Turn Programming (SQTP), which allow you to upload hex code to your part during production. However, since PDID is permanent, it should be used with the understanding that these devices will have extremely limited Failure Analysis (FA) capabilities.


PIC® and AVR® MCUs With PDID


8-bit Bootloader

The 8-bit Microchip Device Firmware Update (MDFU) Client Library enables the creation of bootloaders for 8-bit MCUs. The solution uses the Microchip Firmware Image Builder (pyfwimagebuilder) tool to generate the application image file (.img) and MDFU (pymdfu) host tool to program the new image using a newly designed File Transfer Protocol (FTP).  

Advanced Code Security Features in 8-bit PIC MCUs

Security is increasingly vital for embedded applications in IoT, defense, banking, healthcare and surveillance. This tech brief outlines memory organization and code protection in 8-bit PIC MCUs, focusing on the PIC18-Q24 family's PDID and SAFLOCK features. It also explains how to configure these for enhanced security.

ATECC608C

Our ATECC608C device integrates the Elliptic Curve Diffie Hellman (ECDH) security protocol for secure encryption/decryption with Elliptic Curve Digital Signature Algorithm (ECDSA) sign-verify authentication for Internet of Things (IoT) devices.