For users concerned with device security, the OpenMV cam has issues that are yet to be addressed. Thankfully we have a good community and im sure we can figure something out. Here are some issues I foresee trying to use OpenMV in a commercial environment.
Note: these issues are not really a OpenMV specific, its actually more related to the underlying framework on which OpenMV runs. This framework is called MicroPython
- Source Code is easily accessible, end users simply have to insert SD card in another machine
- bytecode compiler: mpy-cross and use that to compile .py files into .mpy bytecode files. This is more obfuscation, but probably enough to cause most to give up.
- Utilizing "read protection" Code here: https://github.com/xyb/upy-stm-flash This option seems viable. It is not 100% secure but nothing is, so don't expect that. Here is a nice post about exploiting Read-Out Protection https://blog.zapb.de/stm32f1-exceptional-failure/
- Hardware. Some sort of add-on shield? Maxim, Ti, and Freescale all have hardware to address IOT security. The amount of work required and cost to implement this probably isn't feasible. Securing the OpenMV cam seems to be a niche topic at the moment
- STM32Trust, maybe a solution? More Info: https://www.st.com/content/st_com/en/stm32trust.html
- Network based approach. Have unprotected code that queries remote server on boot, pulls code to ram then executes. Is this even possible? Doesn't really protect from dumping memory of the MCU. This seems to be related https://www.youtube.com/watch?v=qqdFu61YC14 See here also: https://www.st.com/resource/en/user_man ... ronics.pdf Would this require an active internet connection for boot?
Doing "proper" security is hard and expensive. It appears that solutions are out there but the process has not yet been streamed lined.