Ardupilot has Firmware signing which checks if the firmware is also signed with the corresponding Private Key before running and rejects any other firmware. Is there a way to make the bootloader tamperproof. What I mean is currently I am able to erase the entire chip and upload my own bootloader which can take unsigned firmware also. This is a vulnerability if the attacker has access to the serial port of the microcontroller. Is there any way around this?
Look more into STM32 read-out protection, write protection, flash option bytes but you most probably be violating the ardupilot GPLv3 licence
Thanks for the suggestion. I will look into it.