summaryrefslogtreecommitdiff
path: root/doc/paper
diff options
context:
space:
mode:
authorjaseg <git-bigdata-wsl-arch@jaseg.de>2021-04-01 16:39:09 +0200
committerjaseg <git-bigdata-wsl-arch@jaseg.de>2021-04-01 16:39:09 +0200
commitda7403596a61369f73282131e78df1b64f1b5247 (patch)
tree69b72594c8f82fb40de684107359a8bd079f0232 /doc/paper
parentea44143cf2290e887c16fc7e1f9fa6a0e084fcbd (diff)
downloadihsm-da7403596a61369f73282131e78df1b64f1b5247.tar.gz
ihsm-da7403596a61369f73282131e78df1b64f1b5247.tar.bz2
ihsm-da7403596a61369f73282131e78df1b64f1b5247.zip
Paper: First revision for CHES submission done
Diffstat (limited to 'doc/paper')
-rw-r--r--doc/paper/rotohsm.bib38
-rw-r--r--doc/paper/rotohsm_paper.pdfbin1580897 -> 1584239 bytes
-rw-r--r--doc/paper/rotohsm_paper.tex278
-rw-r--r--doc/paper/rotohsm_tech_report.pdfbin112534 -> 112232 bytes
4 files changed, 162 insertions, 154 deletions
diff --git a/doc/paper/rotohsm.bib b/doc/paper/rotohsm.bib
index 1092c3a..f32140a 100644
--- a/doc/paper/rotohsm.bib
+++ b/doc/paper/rotohsm.bib
@@ -197,4 +197,42 @@
organization = {Wired Magazine},
}
+@Article{sh2016,
+ author = {Maruthi G. S. and Vishwanath Hegde},
+ date = {2016},
+ journaltitle = {IEEE Sensors Journal},
+ title = {Application of MEMS Accelerometer for Detection and Diagnosis of Multiple Faults in the Roller Element Bearings of Three Phase Induction Motor},
+ doi = {https://doi.org/10.1109/JSEN.2015.2476561},
+ issn = {1558-1748},
+ issue = {1},
+ url = {https://www.researchgate.net/profile/Vishwanath-Hegde-2/publication/282389149_Application_of_MEMS_Accelerometer_for_Detection_and_Diagnosis_of_Multiple_Faults_in_the_Roller_Element_Bearings_of_Three_Phase_Induction_Motor/links/568bace808aebccc4e1c01fa/Application-of-MEMS-Accelerometer-for-Detection-and-Diagnosis-of-Multiple-Faults-in-the-Roller-Element-Bearings-of-Three-Phase-Induction-Motor.pdf},
+ volume = {16},
+}
+
+@Article{kvk2019,
+ author = {Ivar Koene and Raine Viitala and Petri Kuosmanen},
+ date = {2019},
+ journaltitle = {IEEE Access},
+ title = {Internet of Things Based Monitoring of Large Rotor Vibration With a Microelectromechanical Systems Accelerometer},
+ doi = {https://doi.org/10.1109/ACCESS.2019.2927793},
+}
+
+@TechReport{adc2019,
+ author = {Bertrand Campagnie},
+ date = {2019},
+ institution = {Analog Devices},
+ title = {Choose the Right Accelerometer for Predictive Maintenance},
+ url = {https://www.analog.com/media/en/technical-documentation/tech-articles/Choose-the-Right-Accelerometer-for-Predictive-Maintenance.pdf},
+ urldate = {2021-04-01},
+}
+
+@PhdThesis{e2013,
+ author = {Maged Elsaid Elnady},
+ date = {2013},
+ institution = {University of Manchester},
+ title = {On-Shaft Vibration Measurement Using a MEMS Accelerometer for Faults Diagnosis in Rotating Machines},
+ url = {https://www.research.manchester.ac.uk/portal/files/54530535/FULL_TEXT.PDF},
+ urldate = {2021-04-01},
+}
+
@Comment{jabref-meta: databaseType:biblatex;}
diff --git a/doc/paper/rotohsm_paper.pdf b/doc/paper/rotohsm_paper.pdf
index 974af7b..5ab9d30 100644
--- a/doc/paper/rotohsm_paper.pdf
+++ b/doc/paper/rotohsm_paper.pdf
Binary files differ
diff --git a/doc/paper/rotohsm_paper.tex b/doc/paper/rotohsm_paper.tex
index 83846a9..0e02ff4 100644
--- a/doc/paper/rotohsm_paper.tex
+++ b/doc/paper/rotohsm_paper.tex
@@ -80,9 +80,8 @@ defenses the HSM is now equipped with an accelerometer that it uses to verify th
would an attacker approach this HSM? They would have to either slow down the rotation---which triggers the
accelerometer---or they would have to attack the HSM in motion. The HSM literally becomes a moving target. At slow
speeds, rotating the entire attack workbench might be possible but rotating frames of reference quickly become
-inhospitable to human life (see Appendix~\ref{sec_minimum_angular_velocity}). Since non-contact electromagnetic or
-optical attacks are more limited in the first place and can be shielded, we have effectively forced the attacker to use
-an attack robot.
+inhospitable to human life (see Section~\ref{sec_ihsm_motion}). Since non-contact electromagnetic or optical attacks are
+more limited in the first place and can be shielded, we have effectively forced the attacker to use an attack robot.
This work contains the following contributions:
\begin{enumerate}
@@ -90,11 +89,21 @@ This work contains the following contributions:
highly secure HSMs.
\item We discuss possible boundary sensing modes for inertial HSMs.
\item We explore the design space of our inertial HSM concept.
- \item We present our work on a prototype inertial HSM.
+ \item We present our work on a prototype inertial HSM (Figure~\ref{prototype_picture}).
\item We present an anlysis on the viability of using commodity MEMS accelerometers as braking sensors.
% FIXME \item Measurement of the prototype HSM's susceptibility to various types of attack.
\end{enumerate}
+\begin{figure}
+ % FIXME replace picture with publication-quality one
+ \center
+ \includegraphics[width=8cm]{prototype_early_comms_small.jpg}
+ \caption{The protoype when we first achieved reliable power transfer and bidirectional communication between stator
+ and rotor. In the picture, the prototype was communicating reliably up to the maximum $\approx\SI{1500}{rpm}$ that
+ we could get out of its hobby quadcopter parts.}
+ \label{prototype_picture}
+\end{figure}
+
In Section~\ref{sec_related_work}, we will give an overview of the state of the art in the physical security of HSMs. On
this basis, in Section~\ref{sec_ihsm_construction} we will elaborate the principles of our inertial HSM approach. We
will analyze its weaknesses in Section~\ref{sec_attacks}. Based on these results we have built a prototype system that
@@ -116,6 +125,27 @@ anderson2020}. There has been some research on monitoring the HSM's inside usin
radiation~\cite{tobisch2020, kreft2012} or ultrasound~\cite{vrijaldenhoven2004} but none of this research
has found widespread adoption yet.
+HSMs can be compared to physical seals~\cite{anderson2020}. Both are tamper evident devices. The difference is that a
+HSM continuously monitors itself whereas a physical seal only serves to record tampering and requires someone to examine
+it. This examination can be by eye in the field, but it can also be using complex equipment in a laboratory. An HSM in
+principle has to have this examination equipment built-in.
+
+Physical seals are used in a wide variety of applications, but the most interesting ones from a research point of view
+that are recorded in public literature are those used in monitoring of nuclear material under the International Atomic
+Energy Authority (IAEA). Most of these seals use the same approach that is used in Physically
+Uncloneable Functions, though their development predates that of PUFs by several decades. The seal is created in a way
+that intentionally causes large, random device to device variations. These variations are precisely recorded at
+deployment. At the end of the seals lifetime, the device is returned from the field to the lab and closely examined to
+check for any deviations from the seal's prior recorded state. The type of variation used in these seals includes random
+scratches in metal parts and random blobs of solder (IAEA metal cap seal), randomly cut optical fibers (COBRA seal),
+the uncontrollably random distribution of glitter particles in a polymer matrix (COBRA seal prototypes) as well as the
+precise three-dimensional surface structure of metal parts at microscopic scales (LMCV)~\cite{iaea2011}.
+
+The IAEA's equipment portfolio does include electronic seals such as the EOSS. These devices are intended for remote
+reading, similar to an HSM. They are constructed from two components: A cable that is surveilled for tampering, and a
+monitoring device. The monitoring device itself is in effect an HSM and uses a security mesh foil like it is used in
+commercial HSMs.
+
In~\cite{anderson2020}, Anderson gives a comprehensive overview on physical security. An example they cite is the IBM
4758 HSM whose details are laid out in depth in~\cite{smith1998}. This HSM is an example of an industry-standard
construction. Although its turn of the century design is now a bit dated, the construction techniques of the physical
@@ -160,6 +190,17 @@ closest to a mechanical HSM that we were able to find during our research is an
describes a mechanism to detect tampering along a communication cable by enclosing the cable inside a conduit filled
with pressurized gas.
+\subsection{Patents literature}
+During development, we performed several hours of research on prior art for the inertial HSM concept. Yet, we could not
+find any mentions of similar concepts either in academic literature or in patents. Thus, we are likely the inventors of
+this idea and we are fairly sure it is not covered by any patents or other restrictions at this point in time.
+
+Since the concept is primarily attractive for small-scale production and since cheaper mass-production alternatives are
+already commercially available, we have decided against applying for a patent and we wish to make it available to the
+general public without any restrictions on its use. We invite you to use it as you wish and to base your own work on our
+publications without any fees or commercial restrictions. Where possible, we ask you to cite this paper and attribute
+the inertial HSM concept to its authors.
+
\section{Inertial HSM construction and operation}
\label{sec_ihsm_construction}
@@ -179,6 +220,7 @@ The core questions in the design of an inertial HSM are the following:
We will approach these questions one by one in the following subsections.
\subsection{Inertial HSM motion}
+\label{sec_ihsm_motion}
First, there are several ways that we can approach motion. There is periodic, aperiodic and continuous motion. There is
also linear motion as well as rotation. We can also vary the degree of electronic control in this motion. The main
@@ -197,14 +239,11 @@ tamper protection at the axis, or by having the HSM perform a compound rotation
A beneficial side-effect of rotation is that an attacker trying to follow the motion would have to rotate around
the same axis. By choosing a suitable rotation frequency we can thus prevent an attacker from following the devices
motion since doing so would subject them to impractically large centrifugal forces. Essentially, this limits the
-approximate maximum size and mass of an attacker based on an assumption on tolerable centrifugal force (see Appendix
-\ref{sec_minimum_angular_velocity}).
+approximate maximum size and mass of an attacker based on an assumption on tolerable centrifugal force.
Large centrifugal acceleration at high speeds poses the engineering challenge of preventing rapid unscheduled
-disassembly of the device, but it also creates an obstacle to any attacker trying to manipulate the device.
-From a coarse calculation (Appendix \ref{sec_minimum_angular_velocity}) we conclude that even at moderate speeds (above
-$\SI{500}{rpm}$), a manual attack is no longer possible and any attack would have to be carried out using either
-computer control or precise mechanics.
+disassembly of the device, but it also creates an obstacle to any attacker trying to manipulate the device in a
+\emph{swivel chair attack} (see Section~\ref{sec_swivel_chair_attack}).
In this paper we focus on rotating IHSMs for simplicity of construction. For our initial research, we are focusing on
systems having a fixed axis of rotation due to their relative simplicity in prototype construction but we note the
@@ -242,12 +281,20 @@ manipulation.
While the obvious choice to monitor rotation would be a tachometer such as a magnetic or opitical sensor attached to the
IHSM's shaft, this would be a poor choice in our application. Both optical and magnetic sensors are susceptible to
-contact-less interference from outside. Instead, an accelerometer is a good component to serve as an IHSM's tamper
-sensor. Modern fully intergrated MEMS accelerometers are very precise. By comparing acceleration measurements against a
-model of the device's mechanical motion, deviations can quickly be detected. This limits an attacker's ability to tamper
-with the device's motion. It may also allow remote monitoring of the device's mechanical components such as bearings.
-Accelerometers are fast enough to capture vibrations, which can be used as an early warning sign of failing mechanical
-components. % FIXME citation
+contact-less interference from outside. Another option would be to use feedback from the motor driver electronics. When
+using a BLDC motor, the driver electronics precisely know the rotor's position at all times. The issue with this
+approach is that depending on construction, it might invite attacks at the mechanical interface between mesh and the
+motor's shaft. If an attacker can decouple the mesh from the motor e.g.\ by drilling, laser ablation or electrical
+discharge machining (EDM) on the motor's shaft, the motor could keep spinning at its nominal frequency while the mesh is
+already standing still.
+
+Instead of a stator-side sensor like a magnetic tachometer or feedback from a BLDC controller, an accelerometer placed
+inside the rotor's mesh monitoring circuit is a good component to serve as an IHSM's tamper sensor. Modern fully
+intergrated MEMS accelerometers are very precise. By comparing acceleration measurements against a model of the device's
+mechanical motion, deviations can quickly be detected. This limits an attacker's ability to tamper with the device's
+motion. It may also allow remote monitoring of the device's mechanical components such as bearings. MEMS accelerometers
+are fast enough to capture vibrations, which can be used as an early warning sign of failing mechanical
+components~\cite{kvk2019,si2016,adc2019,e2013}.
In a spinning IHSM, an accelerometer mounted at a known radius with its axis pointing radially will measure centrifugal
acceleration. Centrifugal acceleration rises linearly with radius, and with the square of frequency: $a=\omega^2 r$. For
@@ -269,13 +316,8 @@ of accuracy. For rapid deceleration, commercial accelerometers will be much more
can be ignored. If we wish to also detect very slow deceleration, we have to take into account the accelerometer's drift
characteristics.
-% TODO review below paragraph
In Section~\ref{sec_accel_meas} below we conduct an empirical evaluation of a commercial automotive high-$g$
accelerometer for braking detection in our prototype IHSM.
-In Appendix~\ref{sec_degrees_of_freedom} we consider accelerometer configurations and we conclude that one three-axis
-accelerometer each in the rotor and in the stator are a good baseline configuration. In general, the system will be more
-sensitive to attacks if we over-determine the system of equations describing its motion by using more sensors than
-necessary.
\subsection{Mechanical layout}
@@ -320,6 +362,21 @@ Only to attack an IHSM, assuming that the braking detection system works they wi
tool that follows the HSMs rotation at high speed. This may require specialized mechanical tools, CNC actuators or
even a contactless attack using a laser, plasma jet or water jet.
+\subsection{Swivel chair attacks}
+
+First we will consider the most basic of all attacks: A human attacker holding a soldering iron trying to rotate
+themselves along with the mesh using a very fast swivel chair. Let us pessimistically assume that this co-rotating
+attacker has their center of mass on the axis of rotation. The attacker's body is likely on the order of
+$\SI{200}{\milli\meter}$ wide along its shortest axis, resulting in a minimum radius from axis of rotation to surface of
+about $\SI{100}{\milli\meter}$. Wikipedia lists horizontal g forces in the order of $\SI{20}{g}$ as the upper end of the
+range tolerable by humans for seconds at a time or longer. We thus set our target acceleration to
+$\SI{100}{g}\;\approx\;\SI{1000}{\meter\per\second^2}$, a safety factor of $5$ past that range. Centrifugal
+acceleration is $a=\omega^2 r$. In our example this results in a minimum angular velocity of $f_\text{min} =
+\frac{1}{2\pi}\sqrt{\frac{a}{r}} = \frac{1}{2\pi}\sqrt{\frac{\SI{1000}{\meter\per\second^2}}{\SI{100}{\milli\meter}}}
+\approx \SI{16}{\hertz} \approx \SI{1000}{rpm}$. From this we can conclude that even at moderate speeds of
+$\SI{1000}{rpm}$ and above, a manual attack is no longer possible and any attack would have to be carried out using some
+kind of mechanical tool.
+
\subsection{Mechanical weak spots}
The tamper defense of an IHSM rests on the security mesh moving too fast to tamper. Depending on the type of motion
@@ -391,8 +448,7 @@ mechanics~\cite{trippel2017}, but such attacks do not yield sufficient control t
A possible more invasive attack may be to first decapsulate the sensor MEMS using laser ablation synchronized with the
device's rotation. Then, a fast-setting glue such as a cyanoacrylate could be deposited on the MEMS, locking the
mechanism in place. This type of attack can be mitigated by mounting the accelerometer in a shielded location inside the
-security envelope and by varying the rate of rotation over time. In Appendix~\ref{sec_degrees_of_freedom} we outline
-some constraints on sensor placement.
+security envelope and by varying the rate of rotation over time.
\subsection{Attacks on the alarm circuit}
@@ -486,15 +542,28 @@ plugin, this results in an efficient toolchain from mechanical CAD design to pro
\subsection{Power transmission through the rotating joint}
The spinning mesh has its own autonomous monitoring circuit. This spinning monitoring circuit needs both power and data
-connectivity to the stator. At the monitoring circuit's low power consumption (see
-Appendix~\ref{sec_energy_calculations}), power transfer efficiency is irrelevant so we decided against mechanically
-complex solutions such as slip rings or electronically complex ones such as inductive power transfer. Instead we opted
-to use six series-connected solar cells mounted on the end of our cylindrical rotor that are directly fed into a large
-$\SI{33}{\micro\farad}$ ceramic buffer capacitor. This solution provides around $\SI{3.0}{\volt}$ at several tens of
-$\si{\milli\ampere}$ to the payload when illumination using either a $\SI{60}{\watt}$ incandescent light bulb or a
-flicker-free LED studio light of similar brightness\footnote{LED lights intended for room lighting exhibit significant
-flicker that can cause the monitoring circuit to reset. Incandescent lighting requires some care in shielding the IR
-jata link from interference.}.
+connectivity to the stator. To design the power link, we first have to estimate the monitoring circuit's power
+consumption. We base our calculation on the (conservative) assumption that the spinning mesh sensor should send its
+tamper status to the static monitoring circuit at least once every $T_\text{tx} = \SI{10}{\milli\second}$. At
+$\SI{100}{\kilo\baud}$ a transmission of a one-byte message in standard UART framing would take
+$\SI{100}{\micro\second}$ and yield an $\SI{1}{\percent}$ duty cycle. If we assume an optical or RF transmitter that
+requires $\SI{10}{\milli\ampere}$ of active current, this yields an average operating current of
+$\SI{100}{\micro\ampere}$. Reserving another $\SI{100}{\micro\ampere}$ for the monitoring circuit itself we arrive at an
+energy consumption of $\SI{1.7}{\ampere\hour\per\year}$ (Ampère hour per year).
+
+The annual energy consumption we calculated above is about equivalent to the capacity of a single CR123A lithium primary
+cell. Using several such cells or optimizing power consumption would thus easily yield several years of battery life.
+In our prototype we decided against using a battery to reduce rotor mass and balancing issues.
+
+We also decided against mechanically complex solutions such as slip rings or electronically complex ones such as
+inductive power transfer. Instead, we chose a simple setup consisting of a stationary lamp pointing at several solar
+cells on the rotor. At the monitoring circuit's low power consumption, power transfer efficiency is irrelevant, so this
+solution is practical. Our system uses six series-connected solar cells mounted on the end of the cylindrical rotor
+that are fed into a large $\SI{33}{\micro\farad}$ ceramic buffer capacitor through a Schottky diode. This solution
+provides around $\SI{3.0}{\volt}$ at several tens of $\si{\milli\ampere}$ to the payload when illumination using either
+a $\SI{60}{\watt}$ incandescent light bulb or a flicker-free LED studio light of similar brightness\footnote{LED lights
+intended for room lighting exhibit significant flicker that can cause the monitoring circuit to reset. Incandescent
+lighting requires some care in shielding the IR data link from interference.}.
\subsection{Data transmission through the rotating joint}
@@ -530,45 +599,19 @@ are shielded by the motor's body in the center of the PCB.
\caption{IR data link implementation}
\end{figure}
-%%% FIXME rework parts below
-
-\subsection{Evaluation}
-% FIXME maybe move this to last chapter (conclusion)? to be in line with new mems evaluation chapter?
-
-After building our prototype inertial HSM according to the design decisions we outlined above, we performed a series of
-experiments to validate the critical components of the design.
-
-During these experiments, our prototype performed as intended. Both power and data transmission through the rotating
-joint were working reliably. Figure \ref{prototype_early_comms} shows our prototype performing reliably at maximum speed
-for the first time. Our improvised IR link is open in both directions for about $\SI{60}{\degree}$ of the rotation,
-which allows us to reliably transfer several tens of bytes in each direction during the receivers' fly-by even at high
-speed of rotation. As a result of our prototype experiments, we consider a larger-scale implementation of the inertial
-HSM concept practical.
-
-\begin{figure}
- \center
- \includegraphics[width=8cm]{prototype_early_comms_small.jpg}
- \caption{The protoype when we first achieved reliable power transfer and bidirectional communication between stator
- and rotor. In the picture, the prototype was communicating reliably up to the maximum $\approx\SI{1500}{rpm}$ that
- we could get out of its hobby quadcopter parts.}
- \label{prototype_early_comms}
-\end{figure}
-
-% FIXME rework parts above
-% new section follows.
-
\section{Using MEMS accelerometers for braking detection}
-Using the prototype from the previous section, we performed an evaluation of an \partnum{AIS 1120} commercial automotive
+Using the prototype from the previous section, we performed an evaluation of an \partnum{AIS1120} commercial automotive
MEMS accelerometer as a braking sensor. The device is mounted inside our prototype at a radius of
-$\SI{55}{\milli\meter}$ from the axis of rotation to the center of the device's package. The \partnum{AIS 1120} provides
+$\SI{55}{\milli\meter}$ from the axis of rotation to the center of the device's package. The \partnum{AIS1120} provides
a measurement range of $\pm 120\,g$. At its 14-bit resolution, one LSB corresponds to $15\,\mathrm{m}g$.
Our prototype IHSM uses a motor controller intended for use in RC quadcopters. In our experimental setup, we manually
control this motor controller through an RC servo tester. We measure the devices rotation speed using a magnet fixed to
the rotor and a reed switch held closeby by an articulating arm. The reed switch output is digitized using an USB logic
analyzer at a sampling rate of $\SI{100}{\mega\hertz}$. We calculcate rotation frequency as a $\SI{1}{\second}$ running
-average over debounced interval lengths of this captured signal.
+average over debounced interval lengths of this captured signal\footnote{A regular frequency counter or commercial
+tachometer would have been easier, but were not available in our limited COVID-19 home office lab.}.
The accelerometer is controlled from the \partnum{STM32} microcontroller on the rotor of our IHSM prototype platform.
Timed by an external quartz, the microcontroller samples accelerometer readings at $\SI{10}{\hertz}$. Readings are
@@ -618,7 +661,6 @@ blue, and theoretical behavior is shown in orange.
has a strong impact ($0.05\,g$ absolute or $8\%$ relative at $\SI{95}{rpm}$.}
\label{fig-acc-theory}
\end{figure}
-% FIXME note how to sense actual rotation frequency somewhere -> falls out of motor driver
\begin{figure}
\begin{subfigure}{0.5\textwidth}
@@ -642,105 +684,33 @@ blue, and theoretical behavior is shown in orange.
\end{figure}
\section{Conclusion}
-
-\label{sec_conclusion} To conclude, in this paper we introduced inertial hardware security modules (iHSMs), a
-novel concept for the construction of highly secure hardware security modules from inexpensive, commonly available
-parts. We elaborated the engineering considerations underlying a practical implementation of this concept. We
-implemented a prototype demonstrating practical solutions to the significant engineering challenges of this concept. We
-analyzed the concept for its security properties and highlighted its ability to significantly strengthen otherwise weak
-tamper detection barriers.
+\label{sec_conclusion}
+
+In this paper we introduced inertial hardware security modules (iHSMs), a novel concept for the construction of advanced
+hardware security modules from simple components. We analyzed the concept for its security properties and highlighted
+its ability to significantly strengthen otherwise weak tamper detection barriers. We validated our design by creating a
+hardware prototype. In this prototype we have demonstrated practical solutions to the major electronics design
+challenges: Data and power transfer through a rotating joint, and mechanized mesh generation. We have used our prototype
+to perform several experiments to validate the rotary power and data links and the onboard accelerometer. Our
+measurements have shown that our proof-of-concept solar cell power link works well. Our simple IR data link already is
+sufficiently reliable for telemetry. Our experiments with the \partnum{AIS1120} off-the-shelf automotive accelerometer
+showed that this part is well-suited for braking detection in the range of rotation speed relevant to the
+IHSM scenario.
Inertial HSMs offer a high level of security beyond what traditional techniques can offer. They allow the construction
-of devices secure against a wide range of practical attacks at prototype quantities and without specialized tools. We
-hope that this simple construction will stimulate academic research into secure hardware.
+of devices secure against a wide range of practical attacks at prototype quantities and without specialized tools. The
+rotating mesh allows longitudinal gaps, which enables new applications that are impossible with traditional HSMs. Such
+gaps can be used to integrate a fan for air cooling into the HSM, allowing the use of powerful computing hardware inside
+the HSM. We hope that this simple construction will stimulate academic research into secure hardware.
\printbibliography[heading=bibintoc]
-\appendix
-\subsection{Spinning mesh energy calculations}
-\label{sec_energy_calculations}
-Assume that the spinning mesh sensor should send its tamper status to the static monitoring circuit at least once every
-$T_\text{tx} = \SI{10}{\milli\second}$. At $\SI{100}{\kilo\baud}$ a transmission of a one-byte message in standard UART
-framing would take $\SI{100}{\micro\second}$ and yield an $\SI{1}{\percent}$ duty cycle. If we assume an optical or RF
-transmitter that requires $\SI{10}{\milli\ampere}$ of active current, this yields an average operating current of
-$\SI{100}{\micro\ampere}$. Reserving another $\SI{100}{\micro\ampere}$ for the monitoring circuit itself we arrive at an
-energy consumption of $\SI{1.7}{\ampere\hour\per\year}$.
-
-\subsubsection{Battery power}
-\label{sec_energy_calculations_battery}
-The annual energy consumption we calculated above is about equivalent to the capacity of a single CR123A
-lithium primary cell. Using several such cells or optimizing power consumption would thus easily yield several years of
-battery life.
-
-\subsubsection{LED and solar cell}
-\label{sec_energy_calculations_led}
-Let us assume an LED with a light output of $\SI{1}{W}$ illuminating a small solar cell. Let us pessimistically assume a
-$\SI{5}{\percent}$ conversion efficiency in the solar cell. Let us assume that when the rotor is at its optimal
-rotational angle, $\SI{20}{\percent}$ of the LED's light output couple into the solar cell. Let us assume that we loose
-another $\SI{90}{\percent}$ of light output on average during one rotation when the rotor is in motion. This results in
-an energy output from the solar cell of $\SI{1}{\milli\watt}$. Assuming a $\SI{3.3}{\volt}$ supply this yields
-$\SI{300}{\micro\ampere}$ for our monitoring circuit. This is enough even with some conversion losses in the step-up
-converter boosing the solar cell's $\SI{0.6}{\volt}$ working voltage to the monitoring circuit's supply voltage.
-
-\subsection{Minimum angular velocity: Rotating human attacker}
-\label{sec_minimum_angular_velocity}
-
-An attacker might try to rotate along with the HSM to attack the security mesh without triggering the accelerometer. Let
-us pessimistically assume that the attacker has the axis of rotation running through their center of mass. The
-attacker's body is probably at least $\SI{200}{\milli\meter}$ wide along its shortest axis, resulting in a minimum
-radius from axis of rotation to surface of about $\SI{100}{\milli\meter}$. We choose $\SI{250}{\meter\per\second^2}$ as
-an arbitrary acceleration well past the range tolerable by humans according to Wikipedia. Centrifugal acceleration is
-$a=\omega^2 r$. In our example this results in a minimum angular velocity of $\omega_\text{min} = \sqrt{\frac{a}{r}} =
-\sqrt{\frac{\SI{250}{\meter\per\second^2}}{\SI{100}{\milli\meter}}} \approx 8\cdot 2\pi\frac{1}{\si{\second}} \approx 500
-\text{rpm}$.
-
-\subsection{Fooling the accelerometer}
-\label{sec_degrees_of_freedom}
-
-Let us consider a general inertial HSM with one or more sensors that is attacked by an attacker. In this scenario, it is
-reasonable to assume that the rotating parts of the HSM are rigidly coupled to one another and will stay that way: For
-the attacker to decouple parts of the HSM (e.g. to remove one of its accelerometers from the PCB), the attacker would
-already have to circumvent the rotor's security mesh.
-
-Assuming the HSM is stationary, a sensor on the rotating part will experience two significant accelerations:
-\begin{enumerate}
- \item Gravity $g = 9.8\frac{m}{s^2}$
- \item Centrifugal force $a_C=\omega^2 r$, in the order of $\SI{1000}{\meter\per\second^2}$ or $100 g$ at
- $r=\SI{100}{\milli\meter}$ and $\SI{1000}{rpm}$
-\end{enumerate}
-
-Due to the vast differences in both radius and angular velocity, we can neglegt any influence of the earth's rotation on
-our system.
-In normal operation, the HSM is stationary ($\mathbf v=0$) and the HSM's motor is tuned to exactly counter-balance
-friction so the rotor's angular velocity remains constant. As a rigid body, the rotor's motion is fully defined by its
-rotation and translation. In total, this makes for six degrees of freedom. The three degrees of freedom of linear
-translation we can measure directly with an accelerometer in the stationary part on the inside of the HSM. This
-accelerometer could detect any rapid acceleration of the HSM's rotor. To measure rotation, we could mount a
-gyroscope on the rotor to detect deceleration. The issue with this is that like other MEMS acceleration sensors,
-commercial MEMS gyroscopes are vulnerable to drift and an attacker could slowly decelerate the rotor without being
-detected.
-A linear accelerometer mounted on the rotor however is able to catch even this attack. Subtracting gravity, it could
-determine both magnitude and direction of the centrifugal force, which is proportional to the square of angular velocity
-and not its derivative.
-
-In summary, a single three-axis accelerometer on the rotor combined with a three-axis accelerometer in the stator would
-be a good baseline configuration.
-
-\subsection{Patents and licensing}
-During development, we performed several hours of research on prior art for the inertial HSM concept. Yet, we could not
-find any mentions of similar concepts either in academic literature or in patents. Thus, we are likely the inventors of
-this idea and we are fairly sure it is not covered by any patents or other restrictions at this point in time.
-
-Since the concept is primarily attractive for small-scale production and since cheaper mass-production alternatives are
-already commercially available, we have decided against applying for a patent and we wish to make it available to the
-general public without any restrictions on its use. This paper itself is licensed CC-BY-SA (see below). As for the
-inertial HSM concept, we invite you to use it as you wish and to base your own work on our publications without any fees
-or commercial restrictions. Where possible, we ask you to cite this paper and attribute the inertial HSM concept to its
-authors.
+%%% FIXME remove appendix and work into text.
\center{
- \center{This is version \texttt{\input{version.tex}\unskip} generated on \today. The git repository can be found at:}
+ \center{This is version \texttt{\input{version.tex}\unskip} of this paper, generated on \today. The git repository
+ can be found at:}
\center{\url{https://git.jaseg.de/rotohsm.git}}
}
diff --git a/doc/paper/rotohsm_tech_report.pdf b/doc/paper/rotohsm_tech_report.pdf
index 4f39c19..4dd1f58 100644
--- a/doc/paper/rotohsm_tech_report.pdf
+++ b/doc/paper/rotohsm_tech_report.pdf
Binary files differ