diff --git a/chapter-hsms/chapter.tex b/chapter-hsms/chapter.tex index 0c7b4e6..c28b1a0 100644 --- a/chapter-hsms/chapter.tex +++ b/chapter-hsms/chapter.tex 
@@ -13,3 +13,169 @@ security module from other, weaker secure hardware primitives such as Smart Card % FIXME include stuff from hsm survey paper % FIXME include stuff from EPA paper + +\section{The History of Tamper Sensing Meshes} + +\subsection{Use by the US Military} + +Electronic tamper sensing meshes are documented in literature beginning around World War \RN{2}. The earliest mention of +such a system we are aware of is from notes on a series of lectures given by Dr.~David~G. Boak, a specialist in +communications security and signal intelligence at the US National Security +Agency\cite{nsaHistoryUSCommunications1973,nsaHistoryUSCommunications1981}. In this lecture series, Boak mentions that +around World War \RN{2}, the US became concerned about the security of their ciphering machines, which at the time were +large, fridge-sized electro-mechanical contraptions. Initially, simple safes were used to protect those +devices---however, as Boak notes, the US was well aware that they could not build a safe that a well-equipped specialist +could not break open within an hour. As a solution, the NSA started development on what we would today call a Hardware +Security Module by encapsulating a crypto coprocessor in a tamper sensing envelope. Boak observes that as a tamper +response, reliably zeroizing the cryptographic keys would be sufficient. Today, this approach is universally taken. Boak +does note several other ways to penalize an intrusion attempt, including raising a remote alarm or--even more +exciting--exploding the device. + +\subsection{Use in Nuclear Weapons} + +Communications security was not the earliest use of tamper-sensing membranes in the US military, with Boak mentioning +HSMs still being under development in the second volume of the lecture series, dated 1972. An earlier reference to such +systems can be found in literature on Permissive Action Links (PALs) for nuclear weapons. 
In US military terminology, a +PAL is a chain of locked, tamper-proof systems required to trigger the detonation of a nuclear weapon. PALs were +developed as a consequence of nuclear weapons being stationed in countries allied with the US during the cold war. The +concern was that the host country might forcibly assume control over the US nuclear weapons stationed on their soil. The +stated goal of PALs is to protect the weapon from use without a secret passcode known only to US military command. To +achieve this goal, PALs will lock themselves when incorrect codes are entered. To protect against both intentional +tampering aiming to circumvent the PAL, as well as against accidential detonation under extreme environmental +conditions, PALs are designed such that any tampering attempt as well as any environmental deviation will be sensed by +the PAL, and will lead to the weapon being destroyed in a less harmful way that does not cause the full-scale nuclear +explosion that the weapon is capable of. This goal is achievable in practice since nuclear weapons are reportedly very +sensitive to the timing of their primary explosive charges, as the nuclear payload only produces a full-scale detonation +when triggered in just the right way. + +While it is difficult to date, \textcite{carterManagingNuclearOperations1987} specifically mention a tamper-sensing +membrane being used in US PALs. Given the nature of the matter, it is safe to assume that this technology will have been +in use for some years at the point it was being discussed in an unclassified, civilian book on nuclear armament control. + +\subsection{Use in Nuclear Safeguards} + +Besides being used in nuclear weapons, tamper-sensing systems have another, more peaceful application in the nuclear +field. In 1957, the International Atomic Energy Agency (IAEA) was founded to coordinate and verify that civilian nuclear +energy installations are not used for military purposes. 
A core part of the IAEA's tasks is observing the operations at +civilian nuclear installations through inspections and through a variety of permanently deployed sensors to track the +history of nuclear material passing through these facilities. + +When using sensors to monitor treaty compliance, the IAEA has to consider the possibility of a host state tampering with +its sensors to abuse nuclear material without being noticed. Historically, the IAEA has responded to this threat by the +extensive use of tamper-indicating enclosures and of seals. In both systems, the approach taken is that the enclosure or +seal is treated similarly to what these days, in computing we call a Physically Uncloneable Function. The enclosure or +seal is manufactured in a process that leaves an unpredictable and uncontrollable pattern of manufacturing variations +such as surface imperfections. A process used in the IAEA is to package devices in aluminium enclosures passivated in a +brigh color, which leaves a random, microscopic pattern of pits in the surface from the etching step. Before such a +device is deployed in the field, it is precisely measured from all sides. Later on, after field deployment, its +integrity can then be checked by comparing its current state to these initial measurements. The underlying assumption is +that drilling or cutting into something like a steel enclosure will leave detectable traces, and that perfectly +replicating an object including features such as minute surface imperfections is infeasible even to a nation +state~\cite{iaea2011}. + +In IAEA terminology, both tamper detection and tamper evidence are combined into the term ``tamper indication''. The +IAEA distinguishes between active tamper indication, which we conventionally call tamper detection, and passive tamper +indication, which we conventionally call tamper evidence. 
Tamper indicating devices include seals, but also the +aforementioned uniquely characterizable enclosures, which IAEA terminology calls intrinsically tamper-indicating. An +example for an active tamper indicating device would be a seismic sensor at the bottom of a borehole that has been +back-filled with concrete such that any attempt to reach the sensor would be well-visible in the sensor's own +readings~\cite{simmonsHowInsureThat1988} + +With smarter electronics becoming more affordable in both monetary and in power budget, over the decades, other active +tamper sensors have received attention as well. The IAEA reports on attempts at burying sensors such as piezoelectric +transducers or optical fibers inside an enclosure's walls to detect tampering, but states that these efforts have not +yielded practical results primarily due to cost concerns. In contrast to these sensors, the IAEA's Electro-Optic Sealing +System (EOSS) uses a flexible tamper sensing mesh that contains some sort of conductive traces in the same way it is +used in contemporary hardware security modules to detect attempts at drilling or cutting into the +system~\cite{iaea2011,tolkSafeguardsSensorsSystems2007}. Unfortunately, no information on the precise construction of +the tamper sensing mesh such as materials used or structure sizes are publically available. + +\subsection{Commercial Use} + +Commercially, tamper sensing meshes have entered widespread use beginning around the turn of the millennium, initially +in then-new HSMs, cryptographic coprocessors primarily aimed at the financial +industry~\cite{andersonSecurityEngineeringGuide2020}. Today, their use in finance has spread from HSMs in datacenters +and ATMs to the ATM pin pads themselves, which encrypt the customer's PIN right at the source, as well as in all kinds +of card payment terminals. We will analyze two such ATM pin pads later in this paper. 
+ +HSMs are used for highly sensitive operations even outside of the financial industry, although their adoption is +hampered by their high cost. Such applications include key management in the TLS certificate infrastructure. In this +paper, we will analyze a commercial HSM that was used in the key management infrastructure of a premium TV provider. + +Beyond finance, tamper-sensing meshes have found applications in a variety of other use cases as well. For instance, we +have found them being used in mail franking machines to protect the credit counter and franking data, with one such unit +analyzed in this paper. Furthermore, we have identified at least one model of key safe that in Germany is mounted +externally on public buildings to provide keys to emergency services, and which includes a tamper sensing mesh on its +outside-facing wall to detect attempts at drilling into it. Finally, we have found a processing unit used in a series of +mid-2000s era slot machines in Germany that includes a tamper-sensing mesh, presumably to prevent modification or +cloning. This device will also be analyzed later in this chapter. + +\section{The Principles of Tamper-Sensing Mesh Construction and Monitoring} +\subsection{Security Mesh Manufacturing} +\subsection{Security Mesh Monitoring} +\subsection{Other Tamper Sensing Techniques} +\subsection{Hardware Security Module Applications} +\subsection{The Patent Landscape} + +\section{A Survey of Meshes in the Wild} + +Concluding the brief history of tamper sensing meshes above, we find that they were initially developed for sensitive +military applications, and their use in civil applications is a recent phenomenon. The implementation of tamper sensing +meshes in civil applications was likely catalyzed by two advancements in electronics. First, electronic components +became less expensive and more integrated reducing the cost overhead of tamper sensing circuits. 
Second, the mass-scale +adoption of PCB and Flexible Printed Circuit (FPC) production processes enabled their use as inexpensive, +high-resolution substrates for such meshes. In this section, we will examine a large sample of recent devices that +include tamper-sensing meshes to gain an understanding of how they are implemented, and what security level they are +targeted towards. Since we were unable to acquire a nuclear weapon for our research, we limited our survey to commercial +devices with a focus on card payment terminals, which represent the most varied class of device incorporating such +meshes. + +\subsection{Sample Selection} + +Given their niche applications and high cost, devices incorporating tamper sensing meshes tend to be hard to find. For +this survey, we chose 21 different models of card payment terminals, and 6 other devices. All devices were procured from +ebay, and the majority were sold by electronic waste recycling companies. + +\subsubsection{Card Payment Terminals} + +Card payment terminals commonly include advanced tamper sensing features to discourage physical attacks such as +skimming that aim to exfiltrate card data and PINs entered by the customer. The Payment Card Industry Security Standards +Council (PCI SSC), an association of all major western credit card network operators assumes the role of the de-facto +standardization organization in the card payment space. Due to the international scale of the large credit card +networks, almost all payment terminals on the market irrespective of their country of origin are certified under PCI SSC +standards. Adding on to PCI's ecosystem impact, its security standards are thought out well and provide a higher level +of security than one might expect from an industry association. 
+ +The concrete requirements in the PCI SSC standards boil down to a list of logical requirements regarding key handling +that + +\section{Conclusion} + +In our survey, we have found a wide variety in tamper sensing mesh construction techniques. Meshes are commonly +implemented as part of both rigid (PCB) and flexible (FPC) circuit boards, either standalone, or as part of a board also +carrying other components. Silver or carbon trace patterning techniques that are normally used for membrane keyboards +are also used in some meshes, but are limited in their structure size. The meshes we found in the wild almost never push +the boundaries of achievable structure size for a given process. + +The strongest systems we found combined a mesh with potting such that separating mesh and potting destroyed the mesh's +traces. Silver printed circuits like they are normally used for keyboard matrices performed particularly well in this +regard since the silver ink adheres better to some potting compounds than to its plastic carrier substrate. We found +copper FPCs are commonly used for meshes. Interestingly, they seem to be a poor choice since they are very robust and +can even be forcibly separated from some potting compounds without destroying their traces. + +The weakest systems we found completely omitted a tamper sensing mesh. Ironically, all of these systems were devices +marketed as hardware secuirty modules. Given the inexpensive nature of tamper sensing meshes and the high price point of +such devices, we suspect market segmentation as a driving force behind their manufacturers' decision to omit tamper +sensing meshes. We conclude from this observation that the term ``HSM'' does not imply state-of-the-art physical tamper +sensing. + +From an academic point of view, the core finding of our survey is that tamper sensing meshes manufactured in a number of +commercial manufacturing processes would yield acceptable surrogates for real devices found in the wild. 
With the +exception of a single device that used a particularly fine structure size in the \qty{100}{\micro\meter} range, none of +the devices we examined utilized particularly non-obvious construction techniques. + +Form an engineering point of view, we observe that across application domains, tamper sensing meshes often use basic +construction techniques. Implementing such a system that matches the security of other systems seen in the wild should +be achievable to most engineers. + +
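Review bot: The last sentence of the Card Payment Terminals subsubsection is cut off ("...boil down to a list of logical requirements regarding key handling that") and runs straight into \section{Conclusion}; finish it or mark it with a % FIXME like the two at the top of the hunk. The five subsections under "The Principles of Tamper-Sensing Mesh Construction and Monitoring" are bare headings. The Conclusion summarizes findings (potting adhesion, silver ink versus copper FPC, HSMs shipped without a mesh, the 100 µm device) that the survey section as added here does not yet present, so either hold the Conclusion back or add placeholders for the missing results. Smaller points: the text calls itself both "this paper" and "this chapter"; the sentence ending in \cite{simmonsHowInsureThat1988} has no period; the Boak paragraph mixes "---" and "--" for dashes; the IAEA paragraph describes aluminium enclosures and then refers to "a steel enclosure"; "no information ... are publically available" should read "is publicly available"; and the typos "accidential", "brigh color", "secuirty" and "Form an engineering point of view" need fixing.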