Extracting an MCU binary file by reading out the logic state of its transistors is not a very common method of MCU cracking. To do it, we first need to acquire the schematic diagram of the target MCU.
Reading out the logic state of transistors is quite normal among invasive MCU extraction methods. The traditional way to extract and read out a binary file from semiconductor MCU memory is to use a mechanical probe, with the contact point on the data bus. However, this kind of MCU cracking involves direct electrical contact between the microprobe and the internal circuit structure. It is a method with many difficulties, from the miniature feature size of the MCU to the use of hardware access circuits on the MCU memory.
So MCU extraction researchers studied and applied a semi-invasive extraction method that reads out the state of a memory cell without damaging it. But this approach does not always work and can only extract the binary file from CMOS SRAM, which keeps it from prevailing in the microcontroller reverse engineering market.
Under a microscope, we can focus infrared light on the MCU surface to analyze the SRAM. Infrared light at a 650nm wavelength carries photon energy greater than the silicon band gap, so it ionizes the active areas inside the MCU. If the photons reach an area close to a PN junction, photoemission generates a photocurrent.
When photons enter the P or N region, they inject free carriers, which lowers the channel resistance of the transistor. This lets us read the state of an MCU memory cell: in one state the current increases obviously as the channel conducts more easily, and in the other the increase can almost be ignored. Directing the laser beam at the proper transistor distinguishes the two possible states.