Sensitive computation often has to be performed in a trusted execution environment, which requires tamper-proof hardware. If the mechanism of the computing system can be tampered with, we can no longer trust the correctness and reliability of the computation. We consulted on and studied the idea of using this computing system platform for a high security application as a means to protect data from physical access. We studied the full requirements of such an application: the operating environment, the cost of deployment, the debugging situation of the computer and the system, and the applications running under the operating system.
As a solution study, we designed an industrial computing hardware solution, our customized fanless box computer TBOX-C630 with our TAS industrial secured SSDs, and describe how it can be a perfect solution for a trusted high security project.
TAICENN; Tamper-proof hardware; Tamper-proof computation; Tamper-proof computer; Tamper-proof PC; Industrial secured SSD; Hardware security computer; Physical security computer
High security video surveillance; Sensitive Data Storage; Military Sensitive Data Protection.
Extremely sensitive computational operations involving highly secret data must run on an industrial computing system that can be 100% trusted to maintain secrecy and data security. If any such secret data is leaked, it will have far-reaching implications or cause incalculable losses.
A common requirement for such a computing system is that it be tamper-proof, meaning nobody must be able to change the way it works or obtain its sensitive data. Once the system has been properly debugged, any physical modification or destruction will trigger data destruction, so no sensitive data will be visible to any party. This industrial computing system is built around a large number of unique hardware design features, together with mission-critical Industrial Secure SSDs, which require a reliable and quick secure erase function with 100% of the data erased and overwritten.
Even if an unauthorized party finally gains access to the storage devices (SSDs), they can never obtain any sensitive user data, which assures that the user data is 100% secured.
Tamper Diagram and Response:
During our long consultation and discussion with the application integrator, we came to fully understand the system requirements and the outdoor operating environment. Combining this with our knowledge of industrial computing design & manufacturing, TAICENN is able to propose and design a turn-key solution product, including a full IP65/66 fanless industrial computer, together with a military level SSD with a fast but complete data erase function. The tamper-proof computer is designed with the latest 6th-gen. Intel Core i7-7500U processor and 16GB DDR4L memory, to record data via HD cameras. Due to the unique features of this tamper-proof system, field debugging is more complicated and difficult, so the internal Tamper Response circuit is specially designed. The tamper-proof system will never perform erase processing after it is proved to be 100% finished. To guarantee the SSD erase process, the system is integrated with a small battery module.
Most importantly, the enclosure needs to do more than visually signify that an intrusion has taken place. A complete and effective trigger mechanism is the key to preventing any violent cutting and dismantling activities.
Secured SSD and erase:
Key to a tamper-proof computer system is the secured SSD (TAICENN TAS series), which offers a complete secure erase function during abnormal access. In terms of secure erase level, erasing the SSD mapping table is not sufficient; erasing and overwriting all bytes with “0” or “1” is a mandatory requirement. It can also implement other military level secure erase protocols, such as DoD 5220.22-M, NSA 130-2, AR380-19, AFSSI-5020, NAVSO P-5239-26, NSA 9-12, IRIG…, but we know these require a longer time.
Once any violent dismantling happens, the travel switch and internal light sensor signal the whole system. The power signal then triggers the TAS SSD’s secure erase procedure. All blocks in the SLC NAND flash are erased, and every location is overwritten with all “0” or “1”, to achieve complete data erase.
The other key aspect of the industrial secure SSD is the PE (program & erase) cycle count and TBW. The TAS-25SNS uses SLC (single-level cell) NAND flash and offers 60K~100K PE cycles, compared to 3K ~ 5K cycles for MLC (multi-level cell) NAND.
To assure the implementation of the whole TAICENN tamper-proof PC, the company provides both the industrial PC system and the industrial secure SSDs.
As a solution provider & manufacturer of industrial computing systems, TAICENN continues to provide customers with the most suitable industrial computing hardware based on field environment requirements. We are able to offer customers one-stop customized development services to improve the information level of all kinds of industries.
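One way to check the result of the erase described above, as an added example that is not TAICENN's code: a Python scan of a post-erase read-back that confirms every byte is the same 0x00 or 0xFF fill and reports the offset of the first residual byte. The function names, the single-fill assumption and the in-memory sample images are constructed for illustration.

```python
import io
from typing import BinaryIO, NamedTuple, Optional

ALLOWED_FILLS = (0x00, 0xFF)  # all-"0" or all-"1" overwrite, as the text requires


class EraseCheck(NamedTuple):
    ok: bool                       # True only if every byte equals one allowed fill
    fill: Optional[int]            # fill value taken from the first byte, if allowed
    bytes_checked: int             # bytes confirmed clean before the scan stopped
    first_residual: Optional[int]  # offset of the first byte that is not the fill


def verify_overwrite(stream: BinaryIO, chunk_size: int = 1 << 20) -> EraseCheck:
    """Scan a post-erase read-back and confirm a uniform 0x00 or 0xFF fill.

    Assumption of this example: the erase uses one fill value for the whole
    device, so a mix of 0x00 and 0xFF regions is reported as residual data.
    """
    fill = None
    checked = 0
    while chunk := stream.read(chunk_size):
        if fill is None:
            if chunk[0] not in ALLOWED_FILLS:
                return EraseCheck(False, None, 0, 0)
            fill = chunk[0]
        # lstrip removes the leading run of fill bytes; anything left is residue.
        residue = chunk.lstrip(bytes([fill]))
        if residue:
            clean = len(chunk) - len(residue)
            return EraseCheck(False, fill, checked + clean, checked + clean)
        checked += len(chunk)
    # An empty read-back proves nothing, so it is not reported as a pass.
    return EraseCheck(fill is not None, fill, checked, None)


def constructed_image(size: int, fill: int, residue: bytes = b"", at: int = 0) -> io.BytesIO:
    """Build an in-memory stand-in for a device read-back (constructed sample)."""
    data = bytearray([fill]) * size
    data[at:at + len(residue)] = residue
    return io.BytesIO(bytes(data))


if __name__ == "__main__":
    print(verify_overwrite(constructed_image(8192, 0xFF)))
    print(verify_overwrite(constructed_image(8192, 0x00, b"GPS-LOG", 5000), chunk_size=1024))
```

A read-back through the host interface covers only the logical address space; it cannot see spare or remapped NAND blocks inside the drive.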