Hello,
We are trying to attack Arduino Uno (ATMEGA328P) by using ChipWhisperer-Lite. We used coastalwhite template for simpleserial communication between them. We defined CW301_AVR platform in the makefile since this platform used to have ATMEGA328P as well. It seems that the communication gets stuck in the function getch() (inside simpleserial_get()) which is the function defined as function input_ch_0() in uart.c in the avr folder.
Inside this function there is a while loop:
while ((STAT0RXTX_REG & (1 << RX0C) != (1<<RX0C)) {
continue;
}
and it seems that arduino never leaves this loop. We’ve found that STAT0RXTX is actually UCSR0A inside ATMEGA328P and RX0C is the bit 7 of that register, but we are unable to understand why it gets stuck here.
Could you please help us with this?
Many thanks in advance!
Hi,
Does serial communication work at all right now? If you put a putch() after the UART setup, are you able to successfully read characters? This should help you debug if you’re on the wrong baud rate as well.
Alex
Hello,
Thanks for the quick response. One of our problems is that we are not able to debug the code in arduino by using standard commands of reading and writing cause when we program Arduino via ISP pins by ChipWhisperer, for some reason Arduino IDE reports error on the usb port when trying to run Serial Monitor (or Serial plotter).
Our debugging process so far has been to pull the trigger signal high (which we are able to see with the oscilloscope) and move that command to the various parts of the code and see where it gets stuck…
Any thoughts on how to workaround that problem?
Thanks!
Hi,
In that case, the reason you’re seeing the code get stuck there is because that serial read blocks until it gets a character. You’ll need to either get serial working, or remove all the simpleserial calls from the code.
Alex
Thanks, but I am not sure I understand. The Rx and Tx pins on Arduino are connected to ChipWhisperer. Once we send the command
target.send_cmd(‘p’, 0x80, data)
from the ChipWhisperer, this command should be received by Arduino on the Rx line the same way as if a character was sent, right?
Sorry, I misunderstood. I thought you were trying to do serial through the regular Arduino interface. You’re right, if you’ve got serial working, that should be what you want to do.
send_cmd() is a SS_V2.1 method. Not all of the HALs will adjust the baud rate to be 230400bps right now, so you might be running at 38400bps instead. Try setting target.baud=38400.
I’ve added a note to the SimpleSerial documentation that explains this.
Alex
Thanks, yeah, different baud rate could be the problem. We will definitely try this. Many thanks!
Hi Alex,
After many hours of debugging with the oscilloscope, it seems that the problem lies in the CW506 Advanced Breakout Board. We checked the baud rate and it is correct, however, the signal coming from the CW through the Tx line is not level-shifted properly. When the CW bit is equal to 0, it gets shifted to 4V on the Arduino side (see pic attached). I will open a new topic on this, but if you know the workaround this problem, it would be great if you could share it with us.
Many thanks!
