Security Settings

By default, security is disabled.  Check this box to enable security.

When a PIM is Reset, all data from the previous use is discarded and all configuration data in the PIM is accessible, including the security keys.  To prevent malicious Resets, a PIM can be configured to require a passcode with a Reset request.  If a request is received with the wrong passcode an error is returned. Too many failed requests will result in the PIM failing all requests for a sample period.

 

PIM Control automatically generates passcodes based on the Reset Key.  The Reset Key is combined with tag specific information to generate a cryptographic hash.  The hash is different for each tag and for each use of any given tag.  That hash becomes the passcode.  Only users with the Reset Key can Reset the PIM.

 

When you enter the Reset Key it appears as clear text.  When you press Done, the key itself is encrypted and saved.  Once saved, there is no way to recover the clear text version.

When a PIM is put into the Run State, it starts measuring temperature and logging the measurements.  If you are planning to compute product Integrity, it is important that the PIM not be started until it is attached to the product to be monitored.  Malicious starting of a PIM can generate invalid results.  The Run Key behaves just like the Reset Key above.

When a PIM is Stopped, it quits monitoring temperature.  Malicious stopping of a PIM would render the PIM useless for computing product Integrity.  The Stop Key behaves just like the Reset Key above.

The Log Key behaved differently than the other Keys above.  No actual passcode is stored in the PIM.  Instead, the Log Key generates an encryption key that is used to encrypt/decrypt data in the PIM Log.  Only "secure" item types are encrypted.  Only users who know the Log Key can decrypt the items.

Click this button to clear all the Key fields.  Empty Key fields imply that security should be disabled for those functions.