I, too, had some rather awkward assignments ... one of which was to produce a device, the code for which I had not been "cleared" to see. I never did see that code, though my clearance was eventually refreshed, but I was determined to prove that the MCU that was chosen was not as secure as the customer believed. The had nixed the use of an EEPROM-based part from another manufacturer because they'd discovered a way to get inside and, ultimately, bypass the security. I, however, felt that I could construct a secure device based on the EEPROM-based part because I had sensors that detected oxygen in the environment, visible light, mechanical intrusion, etc, and, with the aid of a charge pump and a supercap, could erase the EEPROM, and, in fact, the GAL's I wanted to use, while that wasn't possible with the EPROM-based part.

The MCU was an early 8751, which was bleeding-edge, back then, and was chosen by the agency, which will remain nameless, because it was thought to be "totally secure" as it couldn't be cracked simply by probing, as a ROM-based part could be.

After a time, I asked a representative of the agency in question to send me a couple of those devices with contents not classified but unknown to me, and a couple of weeks later, returned them to him, along with a couple of duplicates.

Needless to say, the organization, our customer, and, indeed, some of our managers, were not entirely pleased.

It seems that, Intel, their marketing department in particular, had published posters of the innards of the 8751 in various colors, originating as photomicrographs of the 8751 die with labels indicating where certain features were located, e.g. EPROM, ALU, RAM, etc, including the security bits. Well, it didn't take long with a UV laser and the kind aid of a fellow in the laser lab, to figure out how to compensate for the refraction of the quartz lid and, selectively, to erase the security information, resulting in the ability to copy the content of the EPROM. This wasn't entirely painless, as a few devices appeared to be damaged afterward, but ... eventually ...

Later on, we found it could be done entirely without lasering anything.

Fortunately, that's not the way things work any longer.

Presumably, the Signetics/Philips folks did it differently.

RE