1. Field of the Invention
The present invention relates to a system for securing data to be protected of a piece of equipment comprising:
a space;
at least one device for processing data to be protected, the processing device(s) being laid out in the space; and
a safety module comprising at least one controller connected to at least one memory for sensitive data, the sensitive data giving access to the data to be protected, the safety module being at least partly laid out in the space.
Further, the present invention relates to a method for securing data to be protected of a piece of equipment, the piece of equipment comprising:
a space;
at least one device for processing data to be protected, the processing device being laid out in the space; and
a safety module comprising at least one controller connected to at least one memory for sensitive data, the sensitive data giving access to the data to be protected, the safety module being at least partly laid out in the space.
2. Description of the Related Technology
For example, the data to be protected should be protected against entrapment.
Entrapment may consist of applying probes for capturing information, for example data or software packages, or of making internal modifications in a piece of equipment which divert its operation or the data of the piece of equipment.
Several solutions exist in present systems.
One solution is a seal placed on a casing, containing for example a holographic label, which makes it possible to check from the outside whether the casing of the piece of equipment has been opened without authorisation. The seal visually changes state irreversibly upon opening the casing of the piece of equipment. Illegal reproduction of a seal is normally difficult to achieve.
This solution has the drawback of only detecting the intrusion when a trustworthy operator sees the modified seal after the intrusion. Further, this does not necessarily prevent access to information in the piece of equipment. Other mechanisms are generally required to complete the protection. Seal solutions are passive and by themselves only allow the audit of an attack that has already been carried out. They do not per se prevent entrapment.
Another solution is a system which detects drilled holes, for example as disclosed in EP 0 347 209 A2 and U.S. Pat. No. 5,539,379. These solutions are based on a cover which surrounds the whole of the relevant target. This cover integrates a conductive mesh which detects any drilling and is very difficult to get around. Upon detecting a drilled hole, a device inside triggers an alarm, or destroys or deletes an object inside the cover. Nevertheless, this system remains costly and generally does not allow protection of a piece of equipment of significant volume. Many pieces of equipment include several cards and compartments and have diverse shapes. Present detection cover solutions are suited to modules limited in volume, for example of the order of 10 cm × 10 cm × 10 cm. Beyond these dimensions, this technology becomes difficult to apply.
There also exist electronic components, such as microcontrollers, which integrate solutions for detecting an attack such as drilling. These components are limited in their performance and are not suitable for the different types of equipment which use latest-generation microprocessors to obtain real-time performance from a sensitive software package.
Moreover, there presently exist systems which integrate opening detection sensors. These systems trigger an alarm upon opening of one of the hatches or access doors. They are ineffective against intrusion-type attacks, for example by drilling or by another means of getting around the normal systems for opening the piece of equipment.
For lack of a self-contained power supply in the equipment, present sensors, notably opening sensors, are not very efficient. Having to operate under power-off conditions rules out many sensor systems which consume too much energy.
Generally, present intrusion detection systems are not very suitable for different forms of a piece of equipment, and additionally, the systems have to operate under power-off conditions.