Hi, Whilibarj!
I have experience in success Vcc glitch for CW1200 with STM32F3. For success result you must to know next:
- use no long coax cable (it must be 15 cm or less);
- in glitch_infinte() setup scope.glitch.repeat near 15-20 numbers;
- the value scope.glitch.ext_offset not really matter it is enough 2180 for glitch_infinte()
For more effective pulse parameters searching do next:
- Connect oscilloscope to the UART_TX pin and seek the crashing of STM. It will seems like voltage falling.
- Set the pulse scope.glitch.width very high. If you see crashing, it mean that the scope.glitch.width is very high. Its right way.
- Fix the scope.glitch.offset parameter (value is not matter on this step) and start reducing the scope.glitch.width by stepping (step of scope.glitch.width and scope.glitch.offset in CW is multiple to 0.4) while the STM is not stopping crash.
- When you finding the boarder of crashing and normal working, fix the scope.glitch.width and start sweeping by the scope.glitch.offset in range (-49, 49).
- If you steel not find the glitch keep try to sweep in small range by scope.glitch.width and repeate 4th step.
The all of this you must to do because all of glitch-attacks is working by the boarder of crashing/normalworking of core the STM.
Remember that the success of glitch is random and it near to 1 - 5%. It means that the you have repeat attack for each parameter (width and offset) not less than 100 times.
You can find more information in previous branch Help needed with Tutorial A3 VCC Glitching XMEGA Target
Have luck.
Regards,
Nik.