In general, read-out protection provides a very limited level of protection that I wouldn't rely on to stop cloning. There's quite a few firms that will extract the firmware from protected microcontrollers for a couple thousand dollars (i.e. https://russiansemiresearch.com/ ) which is a drop in the bucket considering the potential profit from industrialized cloning. Lots of microcontroller series also have exploits that can allow hobbyists with very little funding to bypass read-out protection (here's one for the STM32F0 series for example: https://github.com/racerxdl/stm32f0-pico-dump ).