diff --git a/ma/resources/signature key chain.drawio b/ma/resources/signature key chain.drawio
new file mode 100755
index 0000000..4a04d84
--- /dev/null
+++ b/ma/resources/signature key chain.drawio
@@ -0,0 +1 @@
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
\ No newline at end of file
diff --git a/ma/resources/signature_key_chain.pdf b/ma/resources/signature_key_chain.pdf
new file mode 100755
index 0000000..1c87308
Binary files /dev/null and b/ma/resources/signature_key_chain.pdf differ
diff --git a/ma/resources/transmitter scope key illustration.drawio b/ma/resources/transmitter scope key illustration.drawio
new file mode 100755
index 0000000..d39c3e0
--- /dev/null
+++ b/ma/resources/transmitter scope key illustration.drawio
@@ -0,0 +1 @@
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
\ No newline at end of file
diff --git a/ma/resources/transmitter scope key illustration.svg b/ma/resources/transmitter scope key illustration.svg
new file mode 100755
index 0000000..c8c49da
--- /dev/null
+++ b/ma/resources/transmitter scope key illustration.svg
@@ -0,0 +1,790 @@
+
+
diff --git a/ma/resources/transmitter_scope_key_illustration.pdf b/ma/resources/transmitter_scope_key_illustration.pdf
new file mode 100755
index 0000000..25d9940
Binary files /dev/null and b/ma/resources/transmitter_scope_key_illustration.pdf differ
diff --git a/ma/safety_reset.tex b/ma/safety_reset.tex
index c50865f..3ac83e2 100644
--- a/ma/safety_reset.tex
+++ b/ma/safety_reset.tex
@@ -1674,8 +1674,54 @@ least significant bit of $n$ in our $H^n$ construction. In the chain of valid si
disarm signature. Reset and disarm signatures would alternate in this scheme. By skipping a disarm signature two resets
can still be triggered directly after one another.
-% FIXME diagram
-% FIXME include domain mechanism
+In practice it may be useful to have some control over which particular meters reset. An attack exploiting a particular
+network protocol implementation flaw might only affect one series of meters made by one manufacturer. Resetting
+\emph{all} meters may be too much in this case. A simple solution for this is to define adressable subsets of meters.
+``All meters'' along with ``meters made by manufacturer $x$'' and ``meters of model $y$'' are good choices for such
+scopes. On the cryptographic level the protocol state is simply duplicated for each scope. This incurs memory and
+computation overhead linear in the number of scopes. Device memory requirements are small at a few bytes only and
+computation is of no concern due to the very slow channel so this simple solution is adequate. The transmitter has to
+either store copies of all scope's keys or derive these keys from a root key using the scope's identifier. Keys are
+small and the transmitter would be using a regular server or hardware security module so either easily feasible.
+
+A diagram of the key structure in this key management scheme is shown in Figure \ref{fig:sig_key_chain}. The
+transmitter key management is shown in Figure \ref{fig:tx_scope_key_illu}. This scheme is simplistic but suffices for
+our prototype in Section \ref{sec-prototype} and may even be useful in a practical implementation. During
+standardization of a safety reset system the key management system would most likely have to be customized to the
+particular application's requirements. Developing an universal solution is outside the scope of this work.
+\begin{figure}
+ \centering
+ \begin{minipage}[c]{0.5\textwidth}
+ \includegraphics{resources/signature_key_chain}
+ \end{minipage}
+ \begin{minipage}[c]{0.45\textwidth}
+ \caption{
+ The hash chain between secret transmitter key and public device key. Each step represents one invocation of the
+ hash function. To generate a new chain a random transmitter key is generated, then hashed $n$ times to
+ generate the corresponding device key. A new trigger message can be generated by generating the key at depth
+ $m-1$ where $m$ is the height of the last used trigger, or $n$ initially. Every second trigger message is a
+ disarm message and every second one a reset message. Depending on which is needed the other one may be skipped.
+ }
+ \label{fig:sig_key_chain}
+ \end{minipage}
+\end{figure}
+
+\begin{figure}
+ \centering
+ \includegraphics{resources/transmitter_scope_key_illustration}
+ \caption{
+ An illustration of a key management system using a shared master key. The transmitter derives one secret key for
+ each adressable group from the master key. Then public device keys are generated like in Figure
+ \ref{fig:sig_key_chain}. Finally for each device the manufacturer picks the group public keys matching the
+ device. In this example one device is a series A meter made by manufacturer B so it gets provisioned with the
+ keys for the ``all devices'', ``manufacturer B'' and ``series A'' keys. The other device is also made by
+ manufacturer B but is a series C device so it gets provisioned with the ``all devices'', ``manufacturer B'' and
+ ``series C'' public device keys. In this example the transmitter stores (or is able to derive) all six shown
+ group keys, but each device only needs to store the three applying to it for the three scopes ``all devices'',
+ ``manufacturer'' and ``series''.
+ }
+ \label{fig:tx_scope_key_illu}
+\end{figure}
\chapter{Practical implementation}
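Review bot: The paragraph ending in `so either easily feasible` allows scope keys to be derived `from a root key using the scope's identifier`, but it never states what the derivation must guarantee, and the second caption calls the same key a `master key`. I would add a sentence such as `The derivation must be a keyed one-way function of the root key and an unambiguous encoding of the scope identifier, so that learning one scope key reveals neither the root key nor any other scope key.` and use one term for that key throughout. It is also worth stating that with derivation the root key becomes the single secret protecting every scope, which is presumably why the hardware security module is mentioned. In the first caption, `depth` and `height` are both used for the position in the chain, and `Every second trigger message is a disarm message and every second one a reset message` would read more clearly as `Trigger messages alternate between disarm and reset messages.` Minor: `adressable` should be `addressable` (twice), and `Figure \ref{...}` / `Section \ref{...}` should use `~` before `\ref`.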
@@ -1702,12 +1748,11 @@ transmission networks to characterize the operational state of the network.
From a superficial viewpoint measuring mains frequency might seem like a simple problem. Take the mains voltage
waveform, measure time between two rising-edge (or falling-edge) zero-crossings and take the inverse $f = t^{-1}$. In
-practice, phasor measurement units are significantly more complex than this. This discrepancy is due to the unhealthy
-% FIXME is this pun ok?
-combination of both high precision and quick response that is demanded from these units. High precision is necessary
-since variations of mains frequency under normal operating conditions are quite small--in the range of
-\SIrange{5}{10}{\milli\hertz} over short intervals of time. Relative to the nominal \SI{50}{\hertz} this is a derivation of
-less than \SI{100}{ppm} Relative to the corresponding \SI{20}{\milli\second} period that means a time derivation of
+practice, phasor measurement units are significantly more complex than this. This discrepancy is due to the combination
+of both high precision and quick response that is demanded from these units. High precision is necessary since
+variations of mains frequency under normal operating conditions are quite small--in the range of
+\SIrange{5}{10}{\milli\hertz} over short intervals of time. Relative to the nominal \SI{50}{\hertz} this is a derivation
+of less than \SI{100}{ppm} Relative to the corresponding \SI{20}{\milli\second} period that means a time derivation of
about $2 \mu\text{s}$ from cycle to cycle. From this it is already obvious why a simplistic measurement cannot yield the
required precision for manageable averaging times--we would need either a ADC sampling rate in the order of megabits or
for a reconstruction through interpolated readings an impractically high ADC resolution.
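Review bot: The re-wrapped sentence still says `derivation` twice where `deviation` is meant, and `\SI{100}{ppm}` has no full stop after it, so two sentences run together. Suggested wording: `this is a deviation of less than \SI{100}{ppm}. Relative to the corresponding \SI{20}{\milli\second} period that means a time deviation of`. In the unchanged context below, the ADC sampling rate is given as `in the order of megabits`, where a rate in samples per second is presumably meant. `$2 \mu\text{s}$` could be written `\SI{2}{\micro\second}` to match the neighbouring quantities.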
@@ -2077,7 +2122,7 @@ gold code looks to yield good enough performance at manageable data rates.
\begin{figure}
\centering
- \includegraphics{../lab-windows/fig_out/dsss_gold_nbits_overview}
+ \includegraphics[width=0.6\textwidth]{../lab-windows/fig_out/dsss_gold_nbits_overview}
\caption{
Symbol Error Rate (SER) as a function of transmission amplitude. The line represents the mean of several
measurements for each parameter set. The shaded areas indicate one standard deviation from the mean. Background
@@ -2095,14 +2140,18 @@ gold code looks to yield good enough performance at manageable data rates.
\begin{figure}
\centering
- \includegraphics{../lab-windows/fig_out/dsss_gold_nbits_sensitivity}
- \caption{
- Amplitude at a SER of 0.5\ in mHz depending on symbol length. Here we can observe an increase of sensitivity
- with increasing symbol length, but we can clearly see diminishing returns above 6 bit (63 chips). Considering
- that each bit roughly doubles overall transmission time for a given data length it seems lower bit counts are
- preferrable if the necessary transmitter power can be realized.
- }
- \label{dsss_gold_nbits_sensitivity}
+ \begin{minipage}[c]{0.5\textwidth}
+ \includegraphics{../lab-windows/fig_out/dsss_gold_nbits_sensitivity}
+ \end{minipage}
+ \begin{minipage}[c]{0.45\textwidth}
+ \caption{
+ Amplitude at a SER of 0.5\ in mHz depending on symbol length. Here we can observe an increase of sensitivity
+ with increasing symbol length, but we can clearly see diminishing returns above 6 bit (63 chips). Considering
+ that each bit roughly doubles overall transmission time for a given data length it seems lower bit counts are
+ preferrable if the necessary transmitter power can be realized.
+ }
+ \label{dsss_gold_nbits_sensitivity}
+ \end{minipage}
\end{figure}
\subsection{Sensitivity versus peak detection threshold factor}
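Review bot: `\includegraphics{../lab-windows/fig_out/dsss_gold_nbits_sensitivity}` now sits in a `0.5\textwidth` minipage with no width given, so a plot wider than the minipage will run into the caption column. `\includegraphics[width=\linewidth]{../lab-windows/fig_out/dsss_gold_nbits_sensitivity}` keeps it inside the box, and an `\hfill` between the two minipages makes the split explicit. The signature key chain figure added in the first hunk of this file uses the same pattern. The caption text `0.5\ in mHz` is carried over unchanged and looks like a lost percent sign or unit, so it is worth checking against the plot.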
@@ -2239,6 +2288,7 @@ the results for both are very close in absolute value.
\end{figure}
\section{Implementation of a demonstrator unit}
+\label{sec-prototype}
To demonstrate the viability of our reset architecture we decided to implement a demonstrator system. In this
demonstrator we use JTAG to reset part of a commodity smart meter from an externally-connected reset controller. The