Over the last few days I refined the software and added example scripts to attack ESP32 and STM32 processors.
The library works and is able to produce reliable glitches. First, I tried to reproduce results that were previously published by Sec-Consult. In this scenario, the read-out protection (RDP) of STM32 microcontrollers is attacked during the bootloader stage. If a glitch is successful, the RDP level can be reduced and thus the internal flash memory can be dumped. The above figure shows a successful glitching campaign. The x-axis shows the glitch delay in nanoseconds, which is the time between the trigger and the point in time where the glitch is set. The y-axis shows the duration of the glitch (length) in nanoseconds. The longer this time is, the more aggressive the glitch is and the more likely the target is to fail.
Points in green and yellow are expected behavior or communication errors (not shown in the plot). Magenta and red points are successful glitches and successful memory dumps. With this setup we reach a success rate of about 0.2%, which is considered good.
Since the PicoGlitcher hardware is not ready yet, the attack was carried out in this case with the ChipWhisperer Pro.