By Mohit Arora, Prashant Bhargava, Stephen Pickering, Freescale Semiconductor
industrialcontroldesignline.com (September 10, 2009)
1. Introduction " Need for Anti Tamper RTC
Applications like utility metering, HVAC, point of sale terminals, security alarms, vending machines, security related equipments and systems are prone to hacking where the hacker may want to extract information and/or modify the internal settings. Most of these methods include tweaking the time so as to fool the system.
Specific to power and energy metering, electricity distribution companies may have different billing rates depending on time of the day, maximum demand, load, etc, thus making Real Time Clock (RTC) an essential part of the electronic meter to provide time reference. One may tamper with the clock or manipulate the time to fool the system and charge differently, e.g., changing PM to AM such that metering firmware charges less due to non-peak load during that time.
A hacker can change the RTC crystal so as to count less as RTC usually relies on a 32.768 kHz external crystal oscillator. This introduces inaccuracies in measurement and thus billing.
Still today, lot of software licenses are time based. Before the license is about to get expired, one may reverse the time back thus providing additional time software license is available to the user.
Most of you may have experience changing the old PC BIOS clock to reset system settings. Have you ever forgotten the BIOS password or have you wondered to log into your friend's computer that has BIOS security password during the system boot? Most common way is reset the password is to physically remove the power from the computer by disconnecting the power plug and then removing battery for few minutes from the motherboard.
There are endless examples based on time related hacks. For consumer products, avoiding the above may not matter much without any significant loss to the customer or product manufacturer but for applications like point of sale, power distribution, etc, the above may compromise the whole security network causing chaos and huge loss of revenue.
Taking care of above may require additional hardware changes in board along with additional components and yet may not be completely secure; however these can be easily taken care during RTC design.
Next section focus on some of the techniques that can be implemented in RTC to make system secure and avoid time related hacks.
Click here to read more ...