Home >

SafeNet HSM Tamper Detection

SafeNet HSMs detect hardware anomalies, and certain software commands, and register them as tamper events. In response to a tamper event, the HSM halts, raises the tamper flag, records the event to the log, and waits to be restarted.

After restart, the HSM can either resume operation at the next login, or wait for introduction of an externally held Secure Recovery Vector if you have configured that option, and then resume operation. The ability of the HSM to resume operations assumes that the cause of the tamper event is no longer present.

HSM Event How
Detected
Reaction/recovery
 






All		 Software tamper (Secure Transport Mode) UI command  SRK owner presents purple PED Key at prompt
[applies to PED-authenticated HSMs only].
See Note 1, at bottom of table.
Over-temperature (Note 2) Internal sensor  


The HSM halts and can be restarted only after the cause of the tamper is no longer present.
If all SRV is internal, a valid login allows HSM use to resume.
lf external SRV, then SRK must be presented.
Under-temperature (Note 3) Internal sensor  
Over-voltage (Note 4) Internal sensor  
Under-voltage (Note 5) Internal sensor  
SafeNet Network HSM and SafeNet USB HSM Case lid opening Internal sensor
SafeNet Network HSM Fan bay opened or fan removed Internal sensor
SafeNet USB HSM Battery removed Internal sensor
Note 1: When SRK is enabled, the Secure Recovery Key owner is the role in charge of all tamper recovery. That role acknowledges that a tamper occurred, and authorizes the recovery, by presenting the purple SRK when prompted.  

When SRK is not enabled, an HSM reset must be followed by a valid login to complete the recovery from tamper. The restart and login operation is the sole acknowledgment that a tamper occurred.
Note 2: During operation, the temperature sensor on the HSM card has detected a temperature exceeding the upper operating temperature limit. Refer to the specification in the HSM data sheet.  
Note 3: During operation, the temperature sensor on the HSM card has detected a temperature below the lower operating temperature limit. Refer to the specification in the HSM data sheet.  
Note 4: During operation, the voltage sensor on the HSM card has detected a voltage above the upper operating voltage limit. Refer to the specification in the HSM data sheet.  
Note 5: During operation, the voltage sensor on the HSM card has detected a voltage below the lower operating voltage limit. Refer to the specification in the HSM data sheet.

 

 

SafeNet Network HSM 6.3 Product Documentation
007-011136-015 Rev. A 14 July 2017 Copyright 2001-2017 Gemalto All rights reserved.