This work proposes a lightweight software-hardware binding mechanism to protect sensitive tuning data—such as PID parameters—that constitute core intellectual property in embedded software from unauthorized extraction or reuse by cloned devices. The approach securely binds this sensitive data to device-unique SRAM-based Physical Unclonable Functions (PUFs) through Boolean logic operations, requiring no additional hardware. While unauthorized clones may execute the software, they suffer significant performance degradation due to the absence of the correct hardware fingerprint, and attackers face substantially increased difficulty in recovering the secret through dynamic analysis. Experimental evaluation on real-world microcontroller units (MCUs) demonstrates the effectiveness and practicality of the proposed scheme.

Embedded software used in industrial systems frequently relies on data that ensures the correct and efficient operation of these systems. Thus, companies invest considerable resources in fine-tuning this data, making it their valuable intellectual property (IP). We present a novel protection mechanism for this IP that combines hardware fingerprints with Boolean logic. Unlike usual copy-protection approaches, unauthorised copies of the software still run on cloned devices but suboptimally. According to our security evaluation, only a complex dynamic analysis of the protected software running on the genuine target device can reveal the secret data. This makes the protection offered by our method more difficult to bypass. Notably, our approach does not require additional hardware, relying only on relatively simple updates to the software. We evaluate our protection mechanism by binding the parameters of a PID controller to a microcontroller unit (MCU) by using a physically unclonable function (PUF) based on its SRAM.