Anti tamper real time clock (RTC) - make your embedded system secure
By Mohit Arora, Prashant Bhargava, Stephen Pickering, Freescale Semiconductor
industrialcontroldesignline.com (September 10, 2009)
1. Introduction " Need for Anti Tamper RTC
Applications like utility metering, HVAC, point of sale terminals, security alarms, vending machines, security related equipments and systems are prone to hacking where the hacker may want to extract information and/or modify the internal settings. Most of these methods include tweaking the time so as to fool the system.
Specific to power and energy metering, electricity distribution companies may have different billing rates depending on time of the day, maximum demand, load, etc, thus making Real Time Clock (RTC) an essential part of the electronic meter to provide time reference. One may tamper with the clock or manipulate the time to fool the system and charge differently, e.g., changing PM to AM such that metering firmware charges less due to non-peak load during that time.
A hacker can change the RTC crystal so as to count less as RTC usually relies on a 32.768 kHz external crystal oscillator. This introduces inaccuracies in measurement and thus billing.
Still today, lot of software licenses are time based. Before the license is about to get expired, one may reverse the time back thus providing additional time software license is available to the user.
Most of you may have experience changing the old PC BIOS clock to reset system settings. Have you ever forgotten the BIOS password or have you wondered to log into your friend's computer that has BIOS security password during the system boot? Most common way is reset the password is to physically remove the power from the computer by disconnecting the power plug and then removing battery for few minutes from the motherboard.
There are endless examples based on time related hacks. For consumer products, avoiding the above may not matter much without any significant loss to the customer or product manufacturer but for applications like point of sale, power distribution, etc, the above may compromise the whole security network causing chaos and huge loss of revenue.
Taking care of above may require additional hardware changes in board along with additional components and yet may not be completely secure; however these can be easily taken care during RTC design.
Next section focus on some of the techniques that can be implemented in RTC to make system secure and avoid time related hacks.
To read the full article, click here
Related Semiconductor IP
- USB 4.0 V2 PHY - 4TX/2RX, TSMC N3P , North/South Poly Orientation
- FH-OFDM Modem
- NFC wireless interface supporting ISO14443 A and B with EEPROM on SMIC 180nm
- PQC CRYSTALS core for accelerating NIST FIPS 202 FIPS 203 and FIPS 204
- USB Full Speed Transceiver
Related White Papers
- Design and Real Time Hardware Implementation of a Generic Fuzzy Logic Controller for a Transport/Diffusion System
- How to detect solder joint faults in operating FPGAs in real time
- Real Time Non-intrusive Debugging Framework
- Generating multiple clock frequencies using Specman "real" feature in mixed (Analog/Digital) design environments
Latest White Papers
- FastPath: A Hybrid Approach for Efficient Hardware Security Verification
- Automotive IP-Cores: Evolution and Future Perspectives
- TROJAN-GUARD: Hardware Trojans Detection Using GNN in RTL Designs
- How a Standardized Approach Can Accelerate Development of Safety and Security in Automotive Imaging Systems
- SV-LLM: An Agentic Approach for SoC Security Verification using Large Language Models