Target empty response length

Embedded Security ChipWhisperer Software
1

Hello, we are trying to attack BAM (spc560p50l3) by using CW1200 in order to send password to the target. However the target response (target.ser.read(1)) has an empty length, the following is our code:

SCOPETYPE = ‘OPENADC’

scope.clock.clkgen_freq = 12E6
scope.clock.adc_src= “clkgen_x1”
scope.trigger.triggers = “tio2”
scope.adc.basic_mode = “rising_edge”
scope.adc.samples = 50000
scope.adc.offset = 0
scope.adc.presamples = 0

scope.io.tio1 = “serial_rx”
scope.io.tio2 = “serial_tx”

target.baud = 14400

ser = target.ser
print(target.baud)
print(target)
print(ser.write(bytearray([0xfe])))
resp = ser.read(1)

print(len(resp), resp)

Could you please help us with this?

Many thanks in advance!

2

Hi,

Looking at this target, it looks like it may run its IO at 5V. Do you have any sort of level shifting between the ChipWhisperer and your target board? If not I’d recommend immediately disconnecting the two and checking the IO voltage for your target, as feeding in voltages above 3.3V can damage your ChipWhisperer.

Alex

1 Like