Anti tamper real time clock (RTC) - make your embedded system secure
By Mohit Arora, Prashant Bhargava, Stephen Pickering, Freescale Semiconductor
industrialcontroldesignline.com (September 10, 2009)
1. Introduction " Need for Anti Tamper RTC
Applications like utility metering, HVAC, point of sale terminals, security alarms, vending machines, security related equipments and systems are prone to hacking where the hacker may want to extract information and/or modify the internal settings. Most of these methods include tweaking the time so as to fool the system.
Specific to power and energy metering, electricity distribution companies may have different billing rates depending on time of the day, maximum demand, load, etc, thus making Real Time Clock (RTC) an essential part of the electronic meter to provide time reference. One may tamper with the clock or manipulate the time to fool the system and charge differently, e.g., changing PM to AM such that metering firmware charges less due to non-peak load during that time.
A hacker can change the RTC crystal so as to count less as RTC usually relies on a 32.768 kHz external crystal oscillator. This introduces inaccuracies in measurement and thus billing.
Still today, lot of software licenses are time based. Before the license is about to get expired, one may reverse the time back thus providing additional time software license is available to the user.
Most of you may have experience changing the old PC BIOS clock to reset system settings. Have you ever forgotten the BIOS password or have you wondered to log into your friend's computer that has BIOS security password during the system boot? Most common way is reset the password is to physically remove the power from the computer by disconnecting the power plug and then removing battery for few minutes from the motherboard.
There are endless examples based on time related hacks. For consumer products, avoiding the above may not matter much without any significant loss to the customer or product manufacturer but for applications like point of sale, power distribution, etc, the above may compromise the whole security network causing chaos and huge loss of revenue.
Taking care of above may require additional hardware changes in board along with additional components and yet may not be completely secure; however these can be easily taken care during RTC design.
Next section focus on some of the techniques that can be implemented in RTC to make system secure and avoid time related hacks.
To read the full article, click here
Related Semiconductor IP
- CAN XL Verification IP
- Rad-Hard GPIO, ODIO & LVDS in SkyWater 90nm
- 1.22V/1uA Reference voltage and current source
- 1.2V SLVS Transceiver in UMC 110nm
- Neuromorphic Processor IP
Related White Papers
- Design and Real Time Hardware Implementation of a Generic Fuzzy Logic Controller for a Transport/Diffusion System
- How to detect solder joint faults in operating FPGAs in real time
- Real Time Non-intrusive Debugging Framework
- Generating multiple clock frequencies using Specman "real" feature in mixed (Analog/Digital) design environments
Latest White Papers
- OmniSim: Simulating Hardware with C Speed and RTL Accuracy for High-Level Synthesis Designs
- Balancing Power and Performance With Task Dependencies in Multi-Core Systems
- LLM Inference with Codebook-based Q4X Quantization using the Llama.cpp Framework on RISC-V Vector CPUs
- PCIe 5.0: The universal high-speed interconnect for High Bandwidth and Low Latency Applications Design Challenges & Solutions
- Basilisk: A 34 mm2 End-to-End Open-Source 64-bit Linux-Capable RISC-V SoC in 130nm BiCMOS