This describes the perimeter detect feature on HSM4.
Perimeter Detect provides two additional layers of physical security that can be used to detect when the perimeter of your device is breached. This is an important feature when devices are deployed in the field, unattended or in high risk environments.
HSM4 includes two independent Perimeter Loops that can be configured to meet different applications.
When a Perimeter Loop is breached, HSM4 can be configured (at time of binding) to respond with different “Actions”, depending upon your security policy.
Connecting Perimeter Loop Circuits
HSM4 uses a standard microUSB connector to interface to perimeter circuits 1 and 2. This is convenient for rapid prototyping and small scale production situations.
(For high volume applications, different connector types are available. Contact Zymbit for more details.)
Each perimeter loop should be connected with a 30 AWG wire or thicker and nominal length of 2 feet. For longer lengths contact Zymbit. The wire should be electrically insulated for all applications. A shielded cable may be necessary for electrically noisy or industrial applications.
Custom flex PCBs and rigid PCBs may also be used to complete a perimeter loop circuit.
Perimeter Breach Response Actions
Prior to permanently binding your HSM4 to a specific host device, it can be configured through the API to respond to a perimeter breach event in one of three ways. After permanent binding is completed, the selected configuration is locked and immutable.
A) Do nothing (disable)
B) Notify host when perimeter breach occurs
C) Destroy all key material (this essentially destroys any encrypted data or file system)
Refer to API documentation for more details.