Tamper-detection interface

Introduction

The tamper interface provides a mechanism to detect any unauthorized attempt to access the system, such as the opening of the enclosure. The tamper support included in the ConnectCore 6UL is implemented in the MCA and allows you to:

Detect tamper events through a maximum of two IO pins. Tamper detection works even in low power modes, including power off, if battery backup (coin cell) is provided.
Register tamper event(s) in the non-volatile memory of the MCA.
Alert the host CPU (IRQ, wake up, etc.) when a tamper event occurs.
Respond to a tamper attack with actions such as erasing a critical data partition of the flash.

Tamper pins

The ConnectCore 6UL module supports up to two tamper interfaces (tamper0 and tamper1). Each interface has an associated IO (tamper pin) used to detect the tamper event (through a voltage transition on the IO) and, optionally, an output IO (tamper output) that can be used to enable or disable peripherals, for instance to cut the power of a peripheral. The IOs of each tamper interface can be configured independently and have the following configuration options:

The MCA IO used for tamper detection, from the available MCA IOs that are IRQ-capable.
The active level (tampering) of the tamper input.
The MCA IO used as tamper output, when enabled, that is activated when a tamper condition has not been acknowledged.
The logic level that is set in the tamper output when a tamper event occurs.

The following MCA IO pins can be configured as tamper input pins: MCA_IO0, MCA_IO1, MCA_IO2/EXT_VREF, MCA_IO5. Any of the MCA IO pins can be configured as tamper output pins.

Tamper detection

The following diagram shows the sequence of events that occur during a tamper attack on the ConnectCore 6UL module. Tamper detection is triggered on the device by the voltage transition that occurs on the configured tamper input pin (IO_IN in the diagram). This tamper detection works in any operational mode of the system (normal run, suspend and power off). The system can perform different response actions depending on the presence of the main power supply.

The following actions happen immediately after detection of a tamper event:

The tamper output (IO_OUT), if enabled, is automatically set to its active level.
An IRQ is generated. This IRQ can wake up a system in any low power mode like suspend or power off.
The system logs the tamper event (including a time stamp) in the NVRAM memory.

If the system is in run state or if the tamper event wakes the system, the U-Boot and Linux firmware provide support to:

Detect the tamper condition.
Execute customer-programmed response actions (such as erasing keys or powering down the system).
Acknowledge the tamper event, which deactivates the tamper output, if enabled.

Tamper response

After a tamper event, the system logs the event in persistent memory and executes the necessary actions to respond to the system attack. Response actions are normally implemented to meet the specific needs of the device and may include one or several of the following generic responses:

Activate a physical indicator (tamper-evident seals, on screen indicators, etc.).
Send a notification.
Take destructive actions, like erasing critical information of the system or make it unable to boot.

The ConnectCore 6UL BSP provides the necessary firmware to easily detect tamper events and program the corresponding response actions to meet the requirements of the system.

The tamper module also allows you to program a predefined tamper action—system power off—that will automatically happen at a preconfigured timeout after the tamper event.

U-Boot

Tamper detection is enabled by default in U-Boot and can be disabled by removing build-time configuration option CONFIG_MCA_CC6UL_TAMPER.

When tamper support is enabled, the following actions take place during system initialization:

The bootloader firmware checks if the tamper interfaces are enabled.
If enabled, the bootloader firmware checks if there are any tamper events that have not been acknowledged.
If there are events pending acknowledgement, the bootloader calls the (weak) function:

__weak void mca_tamper_take_actions(int iface)

Customers can override this weak function with a custom implementation that accommodates their security needs (such as erasing a partition, sending a notification, or triggering an alarm output).
The bootloader firmware acknowledges the event once the response actions have been executed.

If the predefined flow does not meet the requirements for a specific device, it can be fully customized using the bootloader code (board/digi/common/tamper.c).

Linux

The Linux BSP of the ConnectCore 6UL includes an IIO driver that detects the interrupt generated by the MCA when a tamper event is detected. The driver generates a device node (under /dev) for each tamper interface that allows you to read the tamper events from user space. The tamper interfaces can be enabled in the device tree. See Devices and interfaces for additional information about how to configure the driver and the tamper interfaces in the device tree.

The character device driver will generate standard IIO events when a tamper interrupt is detected. Therefore, it is possible to read the events using the standard API provided by the kernel for the IIO devices with event support.

As a reference, a sample application "tamper_sample" is included in the dey-examples package of meta-digi layer that demonstrates how to detect tamper events and provides the hooks to implement the required response actions and acknowledge the event.

Tamper configuration

The configuration of the tamper interface is performed with a configuration application included in the root filesystem, named tamper_cfg. This application allows you to read the current configuration of the tamper module and configure the settings. See Configure the tamper interfaces using tamper_cfg for more information.

Each tamper interface provides the following tamper registers, which are read and written by the tamper_cfg tool:

TAMPERn_CFG0

B7	B6	B5	B4	B3	B2	B1	B0
CLR_EV_EN	PWROFF_EN	OUT_ACT_HIGH	OUT_EN	-	IN_ACT_HIGH	RECONF_EN	DET_EN

Field description

Field	Description
0 DET_EN	Enable tamper detection (1: enabled, 0: disabled)
1 RECONF_EN	Reconfigure tamper interface settings (1: allowed, 0: not allowed)
2 IN_ACT_HIGH	Set active level (tamper condition) of the tamper input (1: high, 0: low)
3 -	Reserved
4 OUT_EN	Activate the output of an IO when a tamper condition is detected (1: enabled, 0: disabled)
5 OUT_ACT_HIGH	Set output level (if enabled) when a tamper condition is detected (1: high, 0: low)
6 PWROFF_EN	Power off the device after the programmed timeout, after a tamper detection (1: enabled, 0: disabled)
7 CLR_EV_EN	Clear tamper events by writing a 0 to the tamper event register (1: enabled, 0: disabled)

TAMPERn_IO_IN

B7	B6	B5	B4	B3	B2	B1	B0
IO index of tamper input

TAMPERn_IO_OUT

B7	B6	B5	B4	B3	B2	B1	B0
IO index of tamper output

TAMPERn_PWROFF_DELAY

B7	B6	B5	B4	B3	B2	B1	B0
Delay (multiplied by 100ms) power off after tamper detection

TAMPERn_EVENT

B7	B6	B5	B4	B3	B2	B1	B0
-	-	-	-	-	-	ACKED	SIGNALED

Field description

Field	Description
0 SIGNALED	Indicates if a tamper condition has been detected (1: signaled, 0: no signaled)
1 ACKED	Persistent flag used to acknowledge a tamper event condition (1: acknowledged, 0: no acknowledged)

Power and tamper support

The tamper detection and the response actions depend on the working mode of the system (run, suspend, power off) and the availability of power. The following table indicates the actions the system takes when a tamper event happens, under different power supply conditions and working modes.

Battery backup	Working mode	After a tamper event...
	-	-
	power off	Register the event Activate the output (that could activate a backup battery to power on the system)
or	power off	Register the event Activate the output Wake up the system and U-Boot catches the tamper event
or	suspend	Register the event Activate the output Wake up the system with an IRQ that can be processed by user space
or	running	Register the event Activate the output IRQ that can be processed by user space