jaseg/ihsm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Paper: First revision for CHES submission done

Browse source
This commit is contained in:
jaseg 2021-04-01 16:39:09 +02:00
parent ea44143cf2
commit da7403596a
6 changed files with 163 additions and 155 deletions
Download patch file Download diff file Expand all files Collapse all files

38
doc/paper/rotohsm.bib
View file

@ -197,4 +197,42 @@
organization = {Wired Magazine},
}
@Article{sh2016,
author = {Maruthi G. S. and Vishwanath Hegde},
date = {2016},
journaltitle = {IEEE Sensors Journal},
title = {Application of MEMS Accelerometer for Detection and Diagnosis of Multiple Faults in the Roller Element Bearings of Three Phase Induction Motor},
doi = {https://doi.org/10.1109/JSEN.2015.2476561},
issn = {1558-1748},
issue = {1},
url = {https://www.researchgate.net/profile/Vishwanath-Hegde-2/publication/282389149_Application_of_MEMS_Accelerometer_for_Detection_and_Diagnosis_of_Multiple_Faults_in_the_Roller_Element_Bearings_of_Three_Phase_Induction_Motor/links/568bace808aebccc4e1c01fa/Application-of-MEMS-Accelerometer-for-Detection-and-Diagnosis-of-Multiple-Faults-in-the-Roller-Element-Bearings-of-Three-Phase-Induction-Motor.pdf},
volume = {16},
}
@Article{kvk2019,
author = {Ivar Koene and Raine Viitala and Petri Kuosmanen},
date = {2019},
journaltitle = {IEEE Access},
title = {Internet of Things Based Monitoring of Large Rotor Vibration With a Microelectromechanical Systems Accelerometer},
doi = {https://doi.org/10.1109/ACCESS.2019.2927793},
}
@TechReport{adc2019,
author = {Bertrand Campagnie},
date = {2019},
institution = {Analog Devices},
title = {Choose the Right Accelerometer for Predictive Maintenance},
url = {https://www.analog.com/media/en/technical-documentation/tech-articles/Choose-the-Right-Accelerometer-for-Predictive-Maintenance.pdf},
urldate = {2021-04-01},
}
@PhdThesis{e2013,
author = {Maged Elsaid Elnady},
date = {2013},
institution = {University of Manchester},
title = {On-Shaft Vibration Measurement Using a MEMS Accelerometer for Faults Diagnosis in Rotating Machines},
url = {https://www.research.manchester.ac.uk/portal/files/54530535/FULL_TEXT.PDF},
urldate = {2021-04-01},
}
@Comment{jabref-meta: databaseType:biblatex;}

BIN
doc/paper/rotohsm_paper.pdf
View file

Binary file not shown.

276
doc/paper/rotohsm_paper.tex
View file

@ -80,9 +80,8 @@ defenses the HSM is now equipped with an accelerometer that it uses to verify th
would an attacker approach this HSM? They would have to either slow down the rotation---which triggers the
accelerometer---or they would have to attack the HSM in motion. The HSM literally becomes a moving target. At slow
speeds, rotating the entire attack workbench might be possible but rotating frames of reference quickly become
inhospitable to human life (see Appendix~\ref{sec_minimum_angular_velocity}). Since non-contact electromagnetic or
optical attacks are more limited in the first place and can be shielded, we have effectively forced the attacker to use
an attack robot.
inhospitable to human life (see Section~\ref{sec_ihsm_motion}). Since non-contact electromagnetic or optical attacks are
more limited in the first place and can be shielded, we have effectively forced the attacker to use an attack robot.
This work contains the following contributions:
\begin{enumerate}
@ -90,11 +89,21 @@ This work contains the following contributions:
highly secure HSMs.
\item We discuss possible boundary sensing modes for inertial HSMs.
\item We explore the design space of our inertial HSM concept.
\item We present our work on a prototype inertial HSM.
\item We present our work on a prototype inertial HSM (Figure~\ref{prototype_picture}).
\item We present an anlysis on the viability of using commodity MEMS accelerometers as braking sensors.
% FIXME \item Measurement of the prototype HSM's susceptibility to various types of attack.
\end{enumerate}
\begin{figure}
% FIXME replace picture with publication-quality one
\center
\includegraphics[width=8cm]{prototype_early_comms_small.jpg}
\caption{The protoype when we first achieved reliable power transfer and bidirectional communication between stator
and rotor. In the picture, the prototype was communicating reliably up to the maximum $\approx\SI{1500}{rpm}$ that
we could get out of its hobby quadcopter parts.}
\label{prototype_picture}
\end{figure}
In Section~\ref{sec_related_work}, we will give an overview of the state of the art in the physical security of HSMs. On
this basis, in Section~\ref{sec_ihsm_construction} we will elaborate the principles of our inertial HSM approach. We
will analyze its weaknesses in Section~\ref{sec_attacks}. Based on these results we have built a prototype system that
@ -116,6 +125,27 @@ anderson2020}. There has been some research on monitoring the HSM's inside usin
radiation~\cite{tobisch2020, kreft2012} or ultrasound~\cite{vrijaldenhoven2004} but none of this research
has found widespread adoption yet.
HSMs can be compared to physical seals~\cite{anderson2020}. Both are tamper evident devices. The difference is that a
HSM continuously monitors itself whereas a physical seal only serves to record tampering and requires someone to examine
it. This examination can be by eye in the field, but it can also be using complex equipment in a laboratory. An HSM in
principle has to have this examination equipment built-in.
Physical seals are used in a wide variety of applications, but the most interesting ones from a research point of view
that are recorded in public literature are those used in monitoring of nuclear material under the International Atomic
Energy Authority (IAEA). Most of these seals use the same approach that is used in Physically
Uncloneable Functions, though their development predates that of PUFs by several decades. The seal is created in a way
that intentionally causes large, random device to device variations. These variations are precisely recorded at
deployment. At the end of the seals lifetime, the device is returned from the field to the lab and closely examined to
check for any deviations from the seal's prior recorded state. The type of variation used in these seals includes random
scratches in metal parts and random blobs of solder (IAEA metal cap seal), randomly cut optical fibers (COBRA seal),
the uncontrollably random distribution of glitter particles in a polymer matrix (COBRA seal prototypes) as well as the
precise three-dimensional surface structure of metal parts at microscopic scales (LMCV)~\cite{iaea2011}.
The IAEA's equipment portfolio does include electronic seals such as the EOSS. These devices are intended for remote
reading, similar to an HSM. They are constructed from two components: A cable that is surveilled for tampering, and a
monitoring device. The monitoring device itself is in effect an HSM and uses a security mesh foil like it is used in
commercial HSMs.
In~\cite{anderson2020}, Anderson gives a comprehensive overview on physical security. An example they cite is the IBM
4758 HSM whose details are laid out in depth in~\cite{smith1998}. This HSM is an example of an industry-standard
construction. Although its turn of the century design is now a bit dated, the construction techniques of the physical
@ -160,6 +190,17 @@ closest to a mechanical HSM that we were able to find during our research is an
describes a mechanism to detect tampering along a communication cable by enclosing the cable inside a conduit filled
with pressurized gas.
\subsection{Patents literature}
During development, we performed several hours of research on prior art for the inertial HSM concept. Yet, we could not
find any mentions of similar concepts either in academic literature or in patents. Thus, we are likely the inventors of
this idea and we are fairly sure it is not covered by any patents or other restrictions at this point in time.
Since the concept is primarily attractive for small-scale production and since cheaper mass-production alternatives are
already commercially available, we have decided against applying for a patent and we wish to make it available to the
general public without any restrictions on its use. We invite you to use it as you wish and to base your own work on our
publications without any fees or commercial restrictions. Where possible, we ask you to cite this paper and attribute
the inertial HSM concept to its authors.
\section{Inertial HSM construction and operation}
\label{sec_ihsm_construction}
@ -179,6 +220,7 @@ The core questions in the design of an inertial HSM are the following:
We will approach these questions one by one in the following subsections.
\subsection{Inertial HSM motion}
\label{sec_ihsm_motion}
First, there are several ways that we can approach motion. There is periodic, aperiodic and continuous motion. There is
also linear motion as well as rotation. We can also vary the degree of electronic control in this motion. The main
@ -197,14 +239,11 @@ tamper protection at the axis, or by having the HSM perform a compound rotation
A beneficial side-effect of rotation is that an attacker trying to follow the motion would have to rotate around
the same axis. By choosing a suitable rotation frequency we can thus prevent an attacker from following the devices
motion since doing so would subject them to impractically large centrifugal forces. Essentially, this limits the
approximate maximum size and mass of an attacker based on an assumption on tolerable centrifugal force (see Appendix
\ref{sec_minimum_angular_velocity}).
approximate maximum size and mass of an attacker based on an assumption on tolerable centrifugal force.
Large centrifugal acceleration at high speeds poses the engineering challenge of preventing rapid unscheduled
disassembly of the device, but it also creates an obstacle to any attacker trying to manipulate the device.
From a coarse calculation (Appendix \ref{sec_minimum_angular_velocity}) we conclude that even at moderate speeds (above
$\SI{500}{rpm}$), a manual attack is no longer possible and any attack would have to be carried out using either
computer control or precise mechanics.
disassembly of the device, but it also creates an obstacle to any attacker trying to manipulate the device in a
\emph{swivel chair attack} (see Section~\ref{sec_swivel_chair_attack}).
In this paper we focus on rotating IHSMs for simplicity of construction. For our initial research, we are focusing on
systems having a fixed axis of rotation due to their relative simplicity in prototype construction but we note the
@ -242,12 +281,20 @@ manipulation.
While the obvious choice to monitor rotation would be a tachometer such as a magnetic or opitical sensor attached to the
IHSM's shaft, this would be a poor choice in our application. Both optical and magnetic sensors are susceptible to
contact-less interference from outside. Instead, an accelerometer is a good component to serve as an IHSM's tamper
sensor. Modern fully intergrated MEMS accelerometers are very precise. By comparing acceleration measurements against a
model of the device's mechanical motion, deviations can quickly be detected. This limits an attacker's ability to tamper
with the device's motion. It may also allow remote monitoring of the device's mechanical components such as bearings.
Accelerometers are fast enough to capture vibrations, which can be used as an early warning sign of failing mechanical
components. % FIXME citation
contact-less interference from outside. Another option would be to use feedback from the motor driver electronics. When
using a BLDC motor, the driver electronics precisely know the rotor's position at all times. The issue with this
approach is that depending on construction, it might invite attacks at the mechanical interface between mesh and the
motor's shaft. If an attacker can decouple the mesh from the motor e.g.\ by drilling, laser ablation or electrical
discharge machining (EDM) on the motor's shaft, the motor could keep spinning at its nominal frequency while the mesh is
already standing still.
Instead of a stator-side sensor like a magnetic tachometer or feedback from a BLDC controller, an accelerometer placed
inside the rotor's mesh monitoring circuit is a good component to serve as an IHSM's tamper sensor. Modern fully
intergrated MEMS accelerometers are very precise. By comparing acceleration measurements against a model of the device's
mechanical motion, deviations can quickly be detected. This limits an attacker's ability to tamper with the device's
motion. It may also allow remote monitoring of the device's mechanical components such as bearings. MEMS accelerometers
are fast enough to capture vibrations, which can be used as an early warning sign of failing mechanical
components~\cite{kvk2019,si2016,adc2019,e2013}.
In a spinning IHSM, an accelerometer mounted at a known radius with its axis pointing radially will measure centrifugal
acceleration. Centrifugal acceleration rises linearly with radius, and with the square of frequency: $a=\omega^2 r$. For
@ -269,13 +316,8 @@ of accuracy. For rapid deceleration, commercial accelerometers will be much more
can be ignored. If we wish to also detect very slow deceleration, we have to take into account the accelerometer's drift
characteristics.
% TODO review below paragraph
In Section~\ref{sec_accel_meas} below we conduct an empirical evaluation of a commercial automotive high-$g$
accelerometer for braking detection in our prototype IHSM.
In Appendix~\ref{sec_degrees_of_freedom} we consider accelerometer configurations and we conclude that one three-axis
accelerometer each in the rotor and in the stator are a good baseline configuration. In general, the system will be more
sensitive to attacks if we over-determine the system of equations describing its motion by using more sensors than
necessary.
\subsection{Mechanical layout}
@ -320,6 +362,21 @@ Only to attack an IHSM, assuming that the braking detection system works they wi
tool that follows the HSMs rotation at high speed. This may require specialized mechanical tools, CNC actuators or
even a contactless attack using a laser, plasma jet or water jet.
\subsection{Swivel chair attacks}
First we will consider the most basic of all attacks: A human attacker holding a soldering iron trying to rotate
themselves along with the mesh using a very fast swivel chair. Let us pessimistically assume that this co-rotating
attacker has their center of mass on the axis of rotation. The attacker's body is likely on the order of
$\SI{200}{\milli\meter}$ wide along its shortest axis, resulting in a minimum radius from axis of rotation to surface of
about $\SI{100}{\milli\meter}$. Wikipedia lists horizontal g forces in the order of $\SI{20}{g}$ as the upper end of the
range tolerable by humans for seconds at a time or longer. We thus set our target acceleration to
$\SI{100}{g}\;\approx\;\SI{1000}{\meter\per\second^2}$, a safety factor of $5$ past that range. Centrifugal
acceleration is $a=\omega^2 r$. In our example this results in a minimum angular velocity of $f_\text{min} =
\frac{1}{2\pi}\sqrt{\frac{a}{r}} = \frac{1}{2\pi}\sqrt{\frac{\SI{1000}{\meter\per\second^2}}{\SI{100}{\milli\meter}}}
\approx \SI{16}{\hertz} \approx \SI{1000}{rpm}$. From this we can conclude that even at moderate speeds of
$\SI{1000}{rpm}$ and above, a manual attack is no longer possible and any attack would have to be carried out using some
kind of mechanical tool.
\subsection{Mechanical weak spots}
The tamper defense of an IHSM rests on the security mesh moving too fast to tamper. Depending on the type of motion
@ -391,8 +448,7 @@ mechanics~\cite{trippel2017}, but such attacks do not yield sufficient control t
A possible more invasive attack may be to first decapsulate the sensor MEMS using laser ablation synchronized with the
device's rotation. Then, a fast-setting glue such as a cyanoacrylate could be deposited on the MEMS, locking the
mechanism in place. This type of attack can be mitigated by mounting the accelerometer in a shielded location inside the
security envelope and by varying the rate of rotation over time. In Appendix~\ref{sec_degrees_of_freedom} we outline
some constraints on sensor placement.
security envelope and by varying the rate of rotation over time.
\subsection{Attacks on the alarm circuit}
@ -486,15 +542,28 @@ plugin, this results in an efficient toolchain from mechanical CAD design to pro
\subsection{Power transmission through the rotating joint}
The spinning mesh has its own autonomous monitoring circuit. This spinning monitoring circuit needs both power and data
connectivity to the stator. At the monitoring circuit's low power consumption (see
Appendix~\ref{sec_energy_calculations}), power transfer efficiency is irrelevant so we decided against mechanically
complex solutions such as slip rings or electronically complex ones such as inductive power transfer. Instead we opted
to use six series-connected solar cells mounted on the end of our cylindrical rotor that are directly fed into a large
$\SI{33}{\micro\farad}$ ceramic buffer capacitor. This solution provides around $\SI{3.0}{\volt}$ at several tens of
$\si{\milli\ampere}$ to the payload when illumination using either a $\SI{60}{\watt}$ incandescent light bulb or a
flicker-free LED studio light of similar brightness\footnote{LED lights intended for room lighting exhibit significant
flicker that can cause the monitoring circuit to reset. Incandescent lighting requires some care in shielding the IR
jata link from interference.}.
connectivity to the stator. To design the power link, we first have to estimate the monitoring circuit's power
consumption. We base our calculation on the (conservative) assumption that the spinning mesh sensor should send its
tamper status to the static monitoring circuit at least once every $T_\text{tx} = \SI{10}{\milli\second}$. At
$\SI{100}{\kilo\baud}$ a transmission of a one-byte message in standard UART framing would take
$\SI{100}{\micro\second}$ and yield an $\SI{1}{\percent}$ duty cycle. If we assume an optical or RF transmitter that
requires $\SI{10}{\milli\ampere}$ of active current, this yields an average operating current of
$\SI{100}{\micro\ampere}$. Reserving another $\SI{100}{\micro\ampere}$ for the monitoring circuit itself we arrive at an
energy consumption of $\SI{1.7}{\ampere\hour\per\year}$ (Ampère hour per year).
The annual energy consumption we calculated above is about equivalent to the capacity of a single CR123A lithium primary
cell. Using several such cells or optimizing power consumption would thus easily yield several years of battery life.
In our prototype we decided against using a battery to reduce rotor mass and balancing issues.
We also decided against mechanically complex solutions such as slip rings or electronically complex ones such as
inductive power transfer. Instead, we chose a simple setup consisting of a stationary lamp pointing at several solar
cells on the rotor. At the monitoring circuit's low power consumption, power transfer efficiency is irrelevant, so this
solution is practical. Our system uses six series-connected solar cells mounted on the end of the cylindrical rotor
that are fed into a large $\SI{33}{\micro\farad}$ ceramic buffer capacitor through a Schottky diode. This solution
provides around $\SI{3.0}{\volt}$ at several tens of $\si{\milli\ampere}$ to the payload when illumination using either
a $\SI{60}{\watt}$ incandescent light bulb or a flicker-free LED studio light of similar brightness\footnote{LED lights
intended for room lighting exhibit significant flicker that can cause the monitoring circuit to reset. Incandescent
lighting requires some care in shielding the IR data link from interference.}.
\subsection{Data transmission through the rotating joint}
@ -530,45 +599,19 @@ are shielded by the motor's body in the center of the PCB.
\caption{IR data link implementation}
\end{figure}
%%% FIXME rework parts below
\subsection{Evaluation}
% FIXME maybe move this to last chapter (conclusion)? to be in line with new mems evaluation chapter?
After building our prototype inertial HSM according to the design decisions we outlined above, we performed a series of
experiments to validate the critical components of the design.
During these experiments, our prototype performed as intended. Both power and data transmission through the rotating
joint were working reliably. Figure \ref{prototype_early_comms} shows our prototype performing reliably at maximum speed
for the first time. Our improvised IR link is open in both directions for about $\SI{60}{\degree}$ of the rotation,
which allows us to reliably transfer several tens of bytes in each direction during the receivers' fly-by even at high
speed of rotation. As a result of our prototype experiments, we consider a larger-scale implementation of the inertial
HSM concept practical.
\begin{figure}
\center
\includegraphics[width=8cm]{prototype_early_comms_small.jpg}
\caption{The protoype when we first achieved reliable power transfer and bidirectional communication between stator
and rotor. In the picture, the prototype was communicating reliably up to the maximum $\approx\SI{1500}{rpm}$ that
we could get out of its hobby quadcopter parts.}
\label{prototype_early_comms}
\end{figure}
% FIXME rework parts above
% new section follows.
\section{Using MEMS accelerometers for braking detection}
Using the prototype from the previous section, we performed an evaluation of an \partnum{AIS 1120} commercial automotive
Using the prototype from the previous section, we performed an evaluation of an \partnum{AIS1120} commercial automotive
MEMS accelerometer as a braking sensor. The device is mounted inside our prototype at a radius of
$\SI{55}{\milli\meter}$ from the axis of rotation to the center of the device's package. The \partnum{AIS 1120} provides
$\SI{55}{\milli\meter}$ from the axis of rotation to the center of the device's package. The \partnum{AIS1120} provides
a measurement range of $\pm 120\,g$. At its 14-bit resolution, one LSB corresponds to $15\,\mathrm{m}g$.
Our prototype IHSM uses a motor controller intended for use in RC quadcopters. In our experimental setup, we manually
control this motor controller through an RC servo tester. We measure the devices rotation speed using a magnet fixed to
the rotor and a reed switch held closeby by an articulating arm. The reed switch output is digitized using an USB logic
analyzer at a sampling rate of $\SI{100}{\mega\hertz}$. We calculcate rotation frequency as a $\SI{1}{\second}$ running
average over debounced interval lengths of this captured signal.
average over debounced interval lengths of this captured signal\footnote{A regular frequency counter or commercial
tachometer would have been easier, but were not available in our limited COVID-19 home office lab.}.
The accelerometer is controlled from the \partnum{STM32} microcontroller on the rotor of our IHSM prototype platform.
Timed by an external quartz, the microcontroller samples accelerometer readings at $\SI{10}{\hertz}$. Readings are
@ -618,7 +661,6 @@ blue, and theoretical behavior is shown in orange.
has a strong impact ($0.05\,g$ absolute or $8\%$ relative at $\SI{95}{rpm}$.}
\label{fig-acc-theory}
\end{figure}
% FIXME note how to sense actual rotation frequency somewhere -> falls out of motor driver
\begin{figure}
\begin{subfigure}{0.5\textwidth}
@ -642,105 +684,33 @@ blue, and theoretical behavior is shown in orange.
\end{figure}
\section{Conclusion}
\label{sec_conclusion}
\label{sec_conclusion} To conclude, in this paper we introduced inertial hardware security modules (iHSMs), a
novel concept for the construction of highly secure hardware security modules from inexpensive, commonly available
parts. We elaborated the engineering considerations underlying a practical implementation of this concept. We
implemented a prototype demonstrating practical solutions to the significant engineering challenges of this concept. We
analyzed the concept for its security properties and highlighted its ability to significantly strengthen otherwise weak
tamper detection barriers.
In this paper we introduced inertial hardware security modules (iHSMs), a novel concept for the construction of advanced
hardware security modules from simple components. We analyzed the concept for its security properties and highlighted
its ability to significantly strengthen otherwise weak tamper detection barriers. We validated our design by creating a
hardware prototype. In this prototype we have demonstrated practical solutions to the major electronics design
challenges: Data and power transfer through a rotating joint, and mechanized mesh generation. We have used our prototype
to perform several experiments to validate the rotary power and data links and the onboard accelerometer. Our
measurements have shown that our proof-of-concept solar cell power link works well. Our simple IR data link already is
sufficiently reliable for telemetry. Our experiments with the \partnum{AIS1120} off-the-shelf automotive accelerometer
showed that this part is well-suited for braking detection in the range of rotation speed relevant to the
IHSM scenario.
Inertial HSMs offer a high level of security beyond what traditional techniques can offer. They allow the construction
of devices secure against a wide range of practical attacks at prototype quantities and without specialized tools. We
hope that this simple construction will stimulate academic research into secure hardware.
of devices secure against a wide range of practical attacks at prototype quantities and without specialized tools. The
rotating mesh allows longitudinal gaps, which enables new applications that are impossible with traditional HSMs. Such
gaps can be used to integrate a fan for air cooling into the HSM, allowing the use of powerful computing hardware inside
the HSM. We hope that this simple construction will stimulate academic research into secure hardware.
\printbibliography[heading=bibintoc]
\appendix
\subsection{Spinning mesh energy calculations}
\label{sec_energy_calculations}
Assume that the spinning mesh sensor should send its tamper status to the static monitoring circuit at least once every
$T_\text{tx} = \SI{10}{\milli\second}$. At $\SI{100}{\kilo\baud}$ a transmission of a one-byte message in standard UART
framing would take $\SI{100}{\micro\second}$ and yield an $\SI{1}{\percent}$ duty cycle. If we assume an optical or RF
transmitter that requires $\SI{10}{\milli\ampere}$ of active current, this yields an average operating current of
$\SI{100}{\micro\ampere}$. Reserving another $\SI{100}{\micro\ampere}$ for the monitoring circuit itself we arrive at an
energy consumption of $\SI{1.7}{\ampere\hour\per\year}$.
\subsubsection{Battery power}
\label{sec_energy_calculations_battery}
The annual energy consumption we calculated above is about equivalent to the capacity of a single CR123A
lithium primary cell. Using several such cells or optimizing power consumption would thus easily yield several years of
battery life.
\subsubsection{LED and solar cell}
\label{sec_energy_calculations_led}
Let us assume an LED with a light output of $\SI{1}{W}$ illuminating a small solar cell. Let us pessimistically assume a
$\SI{5}{\percent}$ conversion efficiency in the solar cell. Let us assume that when the rotor is at its optimal
rotational angle, $\SI{20}{\percent}$ of the LED's light output couple into the solar cell. Let us assume that we loose
another $\SI{90}{\percent}$ of light output on average during one rotation when the rotor is in motion. This results in
an energy output from the solar cell of $\SI{1}{\milli\watt}$. Assuming a $\SI{3.3}{\volt}$ supply this yields
$\SI{300}{\micro\ampere}$ for our monitoring circuit. This is enough even with some conversion losses in the step-up
converter boosing the solar cell's $\SI{0.6}{\volt}$ working voltage to the monitoring circuit's supply voltage.
\subsection{Minimum angular velocity: Rotating human attacker}
\label{sec_minimum_angular_velocity}
An attacker might try to rotate along with the HSM to attack the security mesh without triggering the accelerometer. Let
us pessimistically assume that the attacker has the axis of rotation running through their center of mass. The
attacker's body is probably at least $\SI{200}{\milli\meter}$ wide along its shortest axis, resulting in a minimum
radius from axis of rotation to surface of about $\SI{100}{\milli\meter}$. We choose $\SI{250}{\meter\per\second^2}$ as
an arbitrary acceleration well past the range tolerable by humans according to Wikipedia. Centrifugal acceleration is
$a=\omega^2 r$. In our example this results in a minimum angular velocity of $\omega_\text{min} = \sqrt{\frac{a}{r}} =
\sqrt{\frac{\SI{250}{\meter\per\second^2}}{\SI{100}{\milli\meter}}} \approx 8\cdot 2\pi\frac{1}{\si{\second}} \approx 500
\text{rpm}$.
\subsection{Fooling the accelerometer}
\label{sec_degrees_of_freedom}
Let us consider a general inertial HSM with one or more sensors that is attacked by an attacker. In this scenario, it is
reasonable to assume that the rotating parts of the HSM are rigidly coupled to one another and will stay that way: For
the attacker to decouple parts of the HSM (e.g. to remove one of its accelerometers from the PCB), the attacker would
already have to circumvent the rotor's security mesh.
Assuming the HSM is stationary, a sensor on the rotating part will experience two significant accelerations:
\begin{enumerate}
\item Gravity $g = 9.8\frac{m}{s^2}$
\item Centrifugal force $a_C=\omega^2 r$, in the order of $\SI{1000}{\meter\per\second^2}$ or $100 g$ at
$r=\SI{100}{\milli\meter}$ and $\SI{1000}{rpm}$
\end{enumerate}
Due to the vast differences in both radius and angular velocity, we can neglegt any influence of the earth's rotation on
our system.
In normal operation, the HSM is stationary ($\mathbf v=0$) and the HSM's motor is tuned to exactly counter-balance
friction so the rotor's angular velocity remains constant. As a rigid body, the rotor's motion is fully defined by its
rotation and translation. In total, this makes for six degrees of freedom. The three degrees of freedom of linear
translation we can measure directly with an accelerometer in the stationary part on the inside of the HSM. This
accelerometer could detect any rapid acceleration of the HSM's rotor. To measure rotation, we could mount a
gyroscope on the rotor to detect deceleration. The issue with this is that like other MEMS acceleration sensors,
commercial MEMS gyroscopes are vulnerable to drift and an attacker could slowly decelerate the rotor without being
detected.
A linear accelerometer mounted on the rotor however is able to catch even this attack. Subtracting gravity, it could
determine both magnitude and direction of the centrifugal force, which is proportional to the square of angular velocity
and not its derivative.
In summary, a single three-axis accelerometer on the rotor combined with a three-axis accelerometer in the stator would
be a good baseline configuration.
\subsection{Patents and licensing}
During development, we performed several hours of research on prior art for the inertial HSM concept. Yet, we could not
find any mentions of similar concepts either in academic literature or in patents. Thus, we are likely the inventors of
this idea and we are fairly sure it is not covered by any patents or other restrictions at this point in time.
Since the concept is primarily attractive for small-scale production and since cheaper mass-production alternatives are
already commercially available, we have decided against applying for a patent and we wish to make it available to the
general public without any restrictions on its use. This paper itself is licensed CC-BY-SA (see below). As for the
inertial HSM concept, we invite you to use it as you wish and to base your own work on our publications without any fees
or commercial restrictions. Where possible, we ask you to cite this paper and attribute the inertial HSM concept to its
authors.
%%% FIXME remove appendix and work into text.
\center{
\center{This is version \texttt{\input{version.tex}\unskip} generated on \today. The git repository can be found at:}
\center{This is version \texttt{\input{version.tex}\unskip} of this paper, generated on \today. The git repository
can be found at:}
\center{\url{https://git.jaseg.de/rotohsm.git}}
}

BIN
doc/paper/rotohsm_tech_report.pdf
View file

Binary file not shown.