Anti tamper real time clock (RTC) - make your embedded system secure
By Mohit Arora, Prashant Bhargava, Stephen Pickering, Freescale Semiconductor
industrialcontroldesignline.com (September 10, 2009)
1. Introduction " Need for Anti Tamper RTC
Applications like utility metering, HVAC, point of sale terminals, security alarms, vending machines, security related equipments and systems are prone to hacking where the hacker may want to extract information and/or modify the internal settings. Most of these methods include tweaking the time so as to fool the system.
Specific to power and energy metering, electricity distribution companies may have different billing rates depending on time of the day, maximum demand, load, etc, thus making Real Time Clock (RTC) an essential part of the electronic meter to provide time reference. One may tamper with the clock or manipulate the time to fool the system and charge differently, e.g., changing PM to AM such that metering firmware charges less due to non-peak load during that time.
A hacker can change the RTC crystal so as to count less as RTC usually relies on a 32.768 kHz external crystal oscillator. This introduces inaccuracies in measurement and thus billing.
Still today, lot of software licenses are time based. Before the license is about to get expired, one may reverse the time back thus providing additional time software license is available to the user.
Most of you may have experience changing the old PC BIOS clock to reset system settings. Have you ever forgotten the BIOS password or have you wondered to log into your friend's computer that has BIOS security password during the system boot? Most common way is reset the password is to physically remove the power from the computer by disconnecting the power plug and then removing battery for few minutes from the motherboard.
There are endless examples based on time related hacks. For consumer products, avoiding the above may not matter much without any significant loss to the customer or product manufacturer but for applications like point of sale, power distribution, etc, the above may compromise the whole security network causing chaos and huge loss of revenue.
Taking care of above may require additional hardware changes in board along with additional components and yet may not be completely secure; however these can be easily taken care during RTC design.
Next section focus on some of the techniques that can be implemented in RTC to make system secure and avoid time related hacks.
To read the full article, click here
Related Semiconductor IP
- Bluetooth Low Energy 6.0 Digital IP
- Ultra-low power high dynamic range image sensor
- Flash Memory LDPC Decoder IP Core
- SLM Signal Integrity Monitor
- Digital PUF IP
Related White Papers
- Design and Real Time Hardware Implementation of a Generic Fuzzy Logic Controller for a Transport/Diffusion System
- How to detect solder joint faults in operating FPGAs in real time
- Real Time Non-intrusive Debugging Framework
- Generating multiple clock frequencies using Specman "real" feature in mixed (Analog/Digital) design environments
Latest White Papers
- How Next-Gen Chips Are Unlocking RISC-V’s Customization Advantage
- Efficient Hardware-Assisted Heap Memory Safety for Embedded RISC-V Systems
- Automatically Retargeting Hardware and Code Generation for RISC-V Custom Instructions
- How Mature-Technology ASICs Can Give You the Edge
- Exploring the Latest Innovations in MIPI D-PHY and MIPI C-PHY