> As far as the suggeston for using another chip as the bootloader over ISCP,
> this is no good as it would still require two pins on the F87X.  And, it a
> waste of resources, and is unecessary, and actually facilitates code copying
> due to how well known the ICSP protocols are.  They can be recorded easily.

Didn't you say yourself that the inners of the product are protected
by 480V 10000A?  You can establish a cryptographically secure link on
the RS485, and place the In-Circuit-Program slave chip physically near
to the F87x, and use reflective opto sensors or similar at the slave
as a tamper detector.  It can report tamper attempts and let you decide
yourself then whether you want to continue upload the firmware or
rather disconnect and unscrew the product to look inside whether a
"PIC ISP protocol tap" has been installed or not.  Such a tap btw I have
built already in the past, if someone is interested :---)

As long as the slave reports (cryptographically secure) no tamper attempts,
you should be quite safe that nobody records your firmware.

Once one product reports tampering, though, an attacker might have
learned how to avoid your detection traps in the future.

--
http://www.piclist.com hint: To leave the PICList
mailto:piclist-unsubscribe-request@mitvma.mit.edu