1. Introduction " Need
for Anti Tamper RTC
Applications like utility metering, HVAC, point of sale terminals,
security alarms, vending machines, security related equipments and
systems are prone to hacking where the hacker may want to extract
information and/or modify the internal settings. Most of these methods
include tweaking the time so as to fool the system.
Specific to power and energy metering, electricity distribution
companies may have different billing rates depending on time of the
day, maximum demand, load, etc, thus making Real Time Clock (RTC) an
essential part of the electronic meter to provide time reference. One
may tamper with the clock or manipulate the time to fool the system and
charge differently, e.g., changing PM to AM such that metering firmware
charges less due to non-peak load during that time.
A hacker can change the RTC crystal so as to count less as RTC usually
relies on a 32.768 kHz external crystal oscillator. This introduces
inaccuracies in measurement and thus billing.
Still today, lot of software licenses are time based. Before the
license is about to get expired, one may reverse the time back thus
providing additional time software license is available to the user.
Most of you may have experience changing the old PC BIOS clock to reset
system settings. Have you ever forgotten the BIOS password or have you
wondered to log into your friend's computer that has BIOS security
password during the system boot? Most common way is reset the password
is to physically remove the power from the computer by disconnecting
the power plug and then removing battery for few minutes from the
There are endless examples based on time related hacks. For consumer
products, avoiding the above may not matter much without any
significant loss to the customer or product manufacturer but for
applications like point of sale, power distribution, etc, the above may
compromise the whole security network causing chaos and huge loss of
Taking care of above may require additional hardware changes in board
along with additional components and yet may not be completely secure;
however these can be easily taken care during RTC design.
Next section focus on some of the techniques that can be implemented in
RTC to make system secure and avoid time related hacks.
2. Techniques for Secure
Real Time Clock
RTC with Independent
In order to be tamper proof, an RTC needs to be working independent of
the CPU. Hence a secure RTC would need to be enabled at all the times.
This is achieved by running the RTC off a battery supply (as shown in
Figure 1). To optimize the battery life, RTC can be powered from the
main supply and switches to battery supply in the event of main power
Figure 1: Independent RTC
This allows all the associated logic along with tamper detection
(described later) to work in the event of power failure unless the
battery is removed or gets drained out.