Hacker Cracks Raspberry Pi RP2350 Security in $20,000 Challenge


Raspberry Pi’s RP2350 microcontroller, introduced with the Pico 2, was designed with enhanced security features to attract commercial and industrial users. Key highlights of the RP2350 include Secure Boot, TrustZone, a Redundancy Coprocessor (RCP), and Glitch Detectors—features aimed at ensuring data integrity and preventing unauthorized access. To showcase the chip’s robust security, Raspberry Pi partnered with Hextree to create the RP2350 Hacking Challenge, a competition with a $20,000 prize for anyone who could successfully extract a hidden secret from the chip’s One-Time Programmable (OTP) memory.

The challenge, announced at DEF CON in August and concluding on December 31, 2024, invited participants to breach the chip’s defenses through hardware or software attacks. The winner, however, will only be officially announced on January 14. Yet, engineer Aedan Cullen’s recent presentation at the 38th Chaos Communication Congress (38C3) suggests he may have cracked the RP2350. Cullen documented his approach in a detailed report and shared a GitHub repository with his methodology and scripts.

Cullen’s process began with an in-depth analysis of the RP2350’s datasheet, focusing on its boot sequence and OTP protection mechanisms. He identified Pin 53 (USB-OTP_VDD) as a potential point of attack, speculating that manipulating its voltage could affect the chip’s OTP functions. After isolating and modifying the pin, Cullen used an oscilloscope to monitor voltage responses during boot and injected power glitches to disrupt the process.

His initial attempts to enable debugging failed, but further tests revealed an anomaly when the RP2350’s RISC-V cores were observed during glitches. Using a Python script, Cullen pinpointed the exact timing needed to bypass the security features, activating the ‘disabled’ debug port and granting access to the secret stored in the OTP memory.

The exploit leveraged a peculiar interaction between the Arm and RISC-V cores: when both core types were configured to be disabled, the logic gave precedence to the Arm setting, unintentionally leaving the RISC-V cores active. This oversight allowed Cullen to circumvent the Debug_Disable setting and extract the hidden data.
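To make the class of flaw concrete, the following is an added, constructed model written for this page; it is not RP2350 boot code, and the flag names, the resolver structure and the redundancy check are assumptions chosen to illustrate the point, not a description of the real silicon. It contrasts a resolver in which the "both disabled" case is handled by a single branch that programs only one debug gate with a hardened resolver that derives each gate independently and fails closed when a flag cannot be read consistently:

```python
"""Toy model of a debug-disable precedence bug and its fail-closed fix.

Constructed illustration only: the flag names and the resolver logic are
assumptions for teaching purposes and do not describe the RP2350's actual
boot ROM or OTP layout.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class DebugGates:
    """Effective state of the two (hypothetical) debug ports after boot."""
    arm_debug_enabled: bool
    riscv_debug_enabled: bool


def resolve_vulnerable(disable_arm: bool, disable_riscv: bool) -> DebugGates:
    """Single-outcome resolver (the flawed pattern).

    Each branch programs exactly one gate and leaves the other at its reset
    value (debug open). When both flags are set, the Arm branch wins and the
    RISC-V gate is never closed, so the "permanent" protection only half
    applies.
    """
    arm_enabled, riscv_enabled = True, True  # reset state: both ports open
    if disable_arm:
        arm_enabled = False
    elif disable_riscv:
        riscv_enabled = False
    return DebugGates(arm_enabled, riscv_enabled)


def resolve_hardened(disable_arm: Optional[bool],
                     disable_riscv: Optional[bool]) -> DebugGates:
    """Hardened resolver: each gate is derived independently.

    A gate is opened only when its flag was positively read as False.
    A flag that is True, or unreadable (None), closes the gate, so a
    corrupted read fails closed instead of falling back to the open reset
    state.
    """
    arm_enabled = disable_arm is False
    riscv_enabled = disable_riscv is False
    return DebugGates(arm_enabled, riscv_enabled)


def read_flag_redundant(reads: List[bool]) -> Optional[bool]:
    """Model of a redundancy check on a security-critical flag.

    The flag is trusted only when every copy agrees. Disagreement, which is
    what a fault during the read would typically produce, yields None, and
    the hardened resolver treats None as "disable".
    """
    first = reads[0]
    return first if all(r == first for r in reads) else None


def compare_resolvers(disable_arm: bool, disable_riscv: bool):
    """Return (vulnerable, hardened) outcomes for the same OTP configuration."""
    return (resolve_vulnerable(disable_arm, disable_riscv),
            resolve_hardened(disable_arm, disable_riscv))


if __name__ == "__main__":
    vuln, hard = compare_resolvers(True, True)
    print("both flags set, vulnerable resolver:", vuln)
    print("both flags set, hardened resolver:  ", hard)
    # A mismatched redundant read (simulating a glitched read) fails closed
    print("inconsistent read, hardened:",
          resolve_hardened(read_flag_redundant([True, False]), False))
```

The design point is that a protection meant to be permanent must be evaluated per gate rather than through one precedence chain, and that the default reached when the configuration is ambiguous or unreadable must be the locked state, not the reset state.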

Cullen’s success highlights vulnerabilities in chip security, particularly the challenges of implementing “permanent” protections. He emphasized the importance of testing beyond documented safeguards, noting that even the most advanced defenses can fail under unforeseen conditions.

For further insights into Cullen’s approach and technical details, including bypassing guard mechanisms, viewers can watch his recorded 38C3 presentation, which features an engaging Q&A session addressing key questions. His findings raise critical discussions about hardware security and the evolving landscape of microcontroller protection.