Re: Recovering code from the RC
As an academic challenge, this would be incredibly fun, to force code from an on-core flash/nonvolatile space.
As far as I know, the User processor (PIC) stores its code in an onboard flash region. Since this flash region is not separate from the PIC, it would be incredibly difficult for one to read data from that flash/nonvolatile space. Also, since the bus between the nonvolatile region and the CPU Core would be inside the IC, it would become even more difficult.
The only possibility I see is:
1) Connect the I/O pins of the PIC to an independent flash/nonvolatile region
2) Then overwrite only a tiny portion of the existing code, with a JMP to code in the external flash
3) Then have the PIC's reset vector targeted at the JMP in the main flash space.
4) The code on the auxiliary flash space should be able to direct the PIC to read code from the main flash space (or read the exact contents of memory, more accurately).
5) The code on the aux. flash should then direct the PIC to forward the recovered data via Serial/other to a PC/other.
This procedure is very difficult to accomplish, since it depends on partial erase of a flash chip attached directly to a CPU. Also, it depends on the CPU being able to execute code directly out of an external region and map that external region as part of the main memory space.
Manufacturers spend time defending chips against code hijacking, so Microchip might be able to help... Other than that, good luck.
And btw, I am interested in the details of the read technique you detail, Rickertsen2. Please enlighten me. Thanks.
And good luck with the controller.
__________________
-- vs, me@acm.jhu.edu
Mentor, Team 1719, 2007
Team 30, 2002-2005