@robert-hh said in Security - IP Protection: @catalin Don't forget to lock the JTAG interface (if possible). There is a fuse to disable JTAG (JTAG_DISABLE). Furthermore, unless you build a firmware with DEBUG enabled, the JTAG IO pins are re-initialised as inputs with pull-down enabled during micropython startup.

Hi Jardar, The docs for secure boot are published/duplicated here: https://docs.pycom.io/chapter/advance/encryption.html Encryption key can't be changed, nor re-generated (that's why they should be kept safe). The 3 times limitation is valid just in the following case: the firmware binaries are written not-encrypted using USB (uart), and the ESP32 encrypts all the partitions marked as encrypted (and an ESP32 efuse has to burned. In all the other cases, like OTA update, ftp transfer, the encryption/decryption is made transparently, without the encryption counter being increased.

Hello @jmarcelino, do you know if this is already available in any Pycom's firmware?