System Block Diagram
Hardware is divided into two discrete subsystems: the security subsystem and the PC subsystem. The security subsystem is the first to receive power when the unit is switched on, the PC subsytem is only booted after your firmwares are verified and NFC key authenticated.
Secure Controller Subsystem
This subsystem is the root of ORWL’s security features. It controls power to the PC Subsystem, enabling Pre-Boot Authentication.
The entire ORWL system is covered on both sides by a clamshell structured LDS mesh. LDS stands for Laser Direct Structuring, a kind of resin material with finely printed circuitry which is designed to shatter when drilled. This mesh prevents access to any hardware component.
The Secure Subsystem is responsible for verifying firmwares, authenticating your NFC / BLE keyfob and maintaining connection to it for monitoring proximity, disabling display and USB ports and putting the PC Subsystem to sleep when you’re away, and is responsible for instant secure erase of all data if a tamper event occurs. A physical intrusion event through the security shell will erase the flip-flop AES256 RAM encryption key to destroy your Root of Trust key, rendering all other system keys and your hard drive data unreadable.
The hardware integrity is provided by a Laser Direct Structuring shield, a tamper-proofing technology used for many high security applications in banking, aerospace and defense. This includes Hardware Security Modules, security tokens, ATM machines, telecom crypto keys protection, defense electronics or medical devices.
Opening the shield will relieve pressure switches, which will cause the primary Root of Trust crypto key to be deleted, rendering all saved content irretrievable. Drilling or cutting the LDS shield breaks the continuity of the printed circuit on the LDS shield. The electronics cannot be accessed without opening or breaking the shield, which will also delete the primary crypto key. The conductive traces are electro-deposited on a laser-treated surface so that the layer of metal is only microns thick. It is then painted to prevent corrosion.
- LDS holder material: Vectra Liquid Crystal Polymers E840i LDS
- LDS mesh trace spec: Width: 0.3+/-0.15mm ; Gap: 0.5+/-0.15mm. Preliminary conductive Spec: 40 Ohm / Preliminary open Spec: 10K ohm
You can always carefully open it yourself if you want to know what’s inside, but not without destroying the encryption keys. After closing it you will have to generate a new SSD encryption key and reinstall the system entirely. Nobody can do it behind your back without wiping the system, so you will notice it.
The Glass case is 2.8mm thick, and chemically hardened, so that it will not accidentally break when dropped: the target drop resilience is 0.6 meter onto marble. The glass is tamper evident and cannot be drilled or cut without it being obvious.
Maxim Secure Microcontroller
The Maxim MAX32550 is the core of the Secure Controller Subsystem. It contains an ARM Cortex M3 core running at 108MHz. It contains secure fast-wipe NVRAM, which is where the Root of Trust cryptographic key is stored. This key is used to encrypt all of the system’s other sensitive private crypto keys, including the key used to encrypt the hard drive’s data encryption key. It also contains a hardware Random Number Generator and several hardware-based side-channel protected cryptographic accelerators for algorithms like SHA2, AES, RSA, DSA, and ECDSA (NIST P-256).
In addition, it has 6 external tamper sensors that operate by creating independent random dynamic signal patterns on each sensor trace. If a tamper detection event occurs the encryption keys are erased. Four sensors are wired to the protective mesh. One sensor is used to monitor tampering of the OLED screen. The microcontroller also has its own on-die mesh to protect intrusion into the chip, built-in side-channel scan protection, temperature sensors, a Real Time Clock, and a Watchdog. A rechargeable lithium ion battery is connected to the microcontroller, which ensures the volatile storage doesn’t lose power for at least 6 months while not connected to a power source.
The CLRC663 (datasheet) is a highly integrated transceiver IC for contactless communication at 13.56 MHz.
The CLRC663 transceiver IC supports the following operating modes
- Read/write mode supporting ISO/IEC 14443A/MIFARE
- Read/write mode supporting ISO/IEC 14443B
- Read/write mode supporting JIS X 6319-4 (comparable with FeliCa1)
- Passive initiator mode according to ISO/IEC 18092
- Read/write mode supporting ISO/IEC 15693
- Read/write mode supporting ICODE EPC UID/ EPC OTP
- Read/write mode supporting ISO/IEC 18000-3 mode 3/ EPC Class-1 HF
The power button is connected to Secure module. The NFC authentication needs to be verified before providing power to the PC subsystem. Once authentication occurs the key fob should be kept less than 10 meters away from ORWL or the ORWL will lock itself automatically.
A white OLED display indicates the lock/tamper status of the secure subsystem. It is connected directly and only to the secure microcontroller.
An accelerometer is connected to the secure microcontroller and is used for two purposes:
The accelerometer is first used to monitor physical movement while the ORWL is connected to a power supply. If the ORWL is locked and someone moves it, the accelerometer will immediately shutdown the system. Shutting down the system will require the NFC authentication process to be performed again once the system is brought back up.
The accelerometer is also used to securely enter a pin when changing the BIOS settings. This method allows for pin entry without the use of a keyboard or any other non-secure part of the system. Tilting and rotating the device to select numbers on the screen allows to enter a pin in direct interaction with the secure microcontroller.
There is a backup battery on ORWL that will last at least 6 months, so it can continue to scan the tamper mesh continuously while the DC adapter is unplugged. It is charged every time ORWL is plugged in.
We will ship two keys with the system. Each includes an ST Secure Microcontroller connected to an NFC radio and a BLE radio. NFC is used by the system to authenticate at close range. This authentication method is required for booting the system. The key fobs then periodically broadcast via BLE. It is by checking these packets along with the distance to the transmitter that ORWL determines the key is still in close enough proximity to remain unlocked. When this key is further than 10 meters from ORWL, the system will go to sleep, disconnecting the USB ports and removing power from HDMI. The keys each utilize a rechargeable coin cell that keeps the on-board RTC alive. Each time the key is brought within range of the NFC induction coil on ORWL, the generated current adds some charge to this battery.
We also envision adding other kinds of security support. For example, it is possible to add support for having a “permanent” infrastructure-mounted BLE beacon, which can be linked to your unit so that moving the unit to a different location will render it inoperable.
ST54D Secure Element
- ARM SecurCore SC300™ 32-bit RISC core.
- Security level: EAL5+ and EMVCo certified hardware.
- Supports state of the art Secure Element operating systems
- JavaCard 3.0.1 classical edition
- Globalplatform 2.2 with Amdts. A and C
- EMVCo certification
A core NFC antenna surrounds the OLED screen on the back of top cover of ORWL. There is a corresponding antenna on the back cover of keyfob.
There is a CR2032 type inside the keyfob, that should last 6 months. Each time the key is brought within range of the NFC induction coil on ORWL, the generated current charges the battery.
Bluetooth and Bluetooth Low Energy
The Bluetooth module of the keyfob is using a Nordic nRF52832 (datasheet} Bluetooth LE transceiver. The transceiver distance is used to put the device in lock mode (screen off, USB disable). It supports 250Kbps, 500Kbps, 1Mbps and 2Mbps data rates. It features an AES Security coprocessor.
The PC subsystem is not allowed to start until the security subsystem verifies firmwares and authenticates the NFC key, but from that point on, the PC subsystem behaves as any normal PC. We will initially ship devices configured to run Ubuntu 15.04, but as previously mentioned Windows 10 and any number of other Operating Systems can be used. Disk encryption is handled by the drive itself (a Self Encrypting SSD), so the operating system does not need any additional software. Of course you are free to add additional software cryptography on top. If you want to go this way, we suggest using LUKS on Linux.
CPU and GPU
The core of the PC subsystem is the latest Intel processor: the Skylake Core M . You can choose from three different processors from the m3-6Y30 to the m7-6Y75.
All versions feature an Intel HD Graphics 515 GPU for up to 4K Ultra HD video.
The device uses an external AC/DC wall adapter capable of supplying power via the USB type C connector at 15W. This means you can plug it anywhere, and even use a portable USB battery as a UPS.
You can choose between 2, 4, or 8 GB of DDR3 running at 1600MHz.
ORWL will ship with 120, 240, or 480 GB Self Encrypting Solid State Drives on an M.2 connector.
The main external interfaces are one micro-HDMI connector with video and audio output and two Type C connectors with USB 3.0. The wireless interfaces are Wifi 802.11 a/b/g/n/ac (MIMO) wireless networking and Bluetooth 3.0/4.0 Low Energy.
The Intel Dual Band Wireless-AC 8260 (code name Snowfield Peak) is a Wi-Fi and Bluetooth single-chip solution by Intel.
It uses Intel’s 3rd generation 802.11ac Wi-Fi solution and supports both 2.4 and 5 GHz bands. The 5 GHz band operates on an 80 MHz-wide channel reaching PHY rates of up to 867 Mbps. The Bluetooth core that supports Bluetooth 4.2 standard including Bluetooth 4.2 Low Energy (BLE). Two antenna ports: one for Wi-Fi only and the second shared between Wi-Fi and Bluetooth. Wi-Fi supports Rx antenna diversity.
It is supported by the mainline Linux kernel using the free iwlwifi drivers. The kernel will send a firmware provided by Intel to the card, a process handled automatically by most distributions. If you do not want to have that non-free piece of software on your system, you can avoid loading the firmware and connect a USB wireless or wired ethernet adapter.
There are two Bluetooth radios in the system.
One radio is part of the combined Snowfield Peak Bluetooth/WiFi module. This is the main Bluetooth radio, connected directly to the Intel microprocessor, and it is used for traditional HID devices (keyboard, mouse) and Audio accessories.
There is a second Bluetooth radio connected to the Maxim 32550 secure microcontroller. This one is dedicated to security. It is only meant to speak with the keyfobs, verifying them and analyzing the proximity data. If the distance is greater than 10 meters, the micro-HDMI port has power removed, the USB ports data lines are electrically disconnected and the Intel subsystem is put to sleep.
ORWL includes 4 antennas. One for NFC authentication, One for BLE communication between the Maxim secure MCU and the keyfob and two for the Wifi/Bluetooth combo.