Hardware Reference

This Appendix contains hardware specifications and instructions on how to fit the HSM with an external tamper detector such as a micro switch.

Adapter Modification for External Tamper Detectors

Connect additional tamper detection devices using the tamper input header, located on the rear face of the card, as illustrated in Rear face of the card.

Figure 1: Rear face of the card

To fit an external tamper detection device

1.Remove the default jumper/shunt that bridges the two posts in the ProtectServer PCIe HSM's tamper input header (see Rear face of the card).

2.Connect your external tamper device in the shunt's place.

The cable end from your tamper-detection device must match the Molex socket on the adapter, which is designed to fit with an insertable connector housing (Molex part 35507-0200).

a.Crimp a pair of 2mm WTB crimp terminals (Molex part 50212-8100) to the ends of your tamper detector's two-wire connector cable.

b.Insert the crimped terminal sockets into the Molex connector housing.

3.Plug the newly-fitted connector cable into the PCIe adapter's tamper input header.

The external tamper detector must provide the following conditions:

>In the untampered condition, the device must provide a low-impedance path (short circuit) between the tamper-detection posts.

>In the tampered condition, the device must show an open circuit.

The Battery

The adapter is fitted with a backup battery, which maintains cryptographic keys and the correct time when the host computer is shut down, or when the adapter is otherwise disconnected from a power source.

The battery has an expected lifetime of ten years. It should not require replacement within the normal lifetime of the adapter.

Testing the battery

You can use the utilities provided with the adapter to query the state of the battery. In SafeNet ProtectToolkit-C, use ctcheck -b batterystatus to return a state of Good/Low. See the Administration Guide for your SafeNet ProtectToolkit software for more information.

The RealTime Clock and memory retain their data as long as the adapter is in a powered system. The RTC performs a daily battery check. If it detects a low-battery warning, the battery may need to be replaced. If the adapter has been de-powered or removed from its system, the data in its memory is suspect. If the adapter has been continuously powered, then the data in memory can be trusted and you can make a backup before replacing the battery.

Port Specifications

The USB-to-serial cable provides an RS232 port with pin outs as shown in Adapter serial connector. This port can be used for connecting a smart card reader or another serial device.

Figure 2: Adapter serial connector


Customer Support Portal

SafeNet ProtectToolkit 5.9 Product Documentation  06 January 2020  Copyright 2009-2020 Thales. All rights reserved.