time domain reflectometer

3 Articles

A pair of printed circuit boards are shown against a pink background. The right circuit board is plugged into a USB cable, and has several LED indicators on. The left board is plugged into the other at 45-degree angle, and has no visible components.

Tamper Detection With Time-Domain Reflectometry

January 24, 2026 by 13 Comments

For certain high-security devices, such as card readers, ATMs, and hardware security modules, normal physical security isn’t enough – they need to wipe out their sensitive data if someone starts drilling through the case. Such devices, therefore, often integrate circuit meshes into their cases and regularly monitor them for changes that could indicate damage. To improve the sensitivity and accuracy of such countermeasures, [Jan Sebastian Götte] and [Björn Scheuermann] recently designed a time-domain reflectometer to monitor meshes (pre-print paper).

Many meshes are made from flexible circuit boards with winding traces built into the case, so cutting or drilling into the case breaks a trace. The problem is that most common ways to detect broken traces, such as by resistance or capacitance measurements, aren’t easy to implement with both high sensitivity and low error rates. Instead, this system uses time-domain reflectometry: it sends a sharp pulse into the mesh, then times the returning echoes to create a mesh fingerprint. When the circuit is damaged, it creates an additional echo, which is detected by classifier software. If enough subsequent measurements find a significant fingerprint change, it triggers a data wipe.

The most novel aspect of this design is its affordability. An STM32G4-series microcontroller manages the timing, pulse generation, and measurement, thanks to its two fast ADCs and a high-resolution timer with sub-200 picosecond resolution. For a pulse-shaping amplifier, [Jan] and [Björn] used the high-speed amplifiers in an HDMI redriver chip, which would normally compensate for cable and connector losses. Despite its inexpensive design, the circuit was sensitive enough to detect when oscilloscope probes contacted the trace, pick up temperature changes, and even discern the tiny variations between different copies of the same mesh.

It’s not absolutely impossible for an attacker to bypass this system, nor was it intended to be, but overcoming it would take a great deal of skill and some custom equipment, such as a non-conductive drill bit. If you’re interested in seeing such a system in the real world, check out this teardown of a payment terminal. One of the same authors also previously wrote a KiCad plugin to generate anti-tamper meshes.

Thanks to [mark999] for the tip!

Ask Hackaday: Is Our Power Grid Smart Enough To Know When There’s No Power?

June 23, 2020 by 63 Comments

Just to intensify the feeling of impending zombie apocalypse of the COVID-19 lockdown in the British countryside where I live, we had a power cut. It’s not an uncommon occurrence here at the end of a long rural power distribution network, and being prepared for a power outage is something I wrote about a few years ago. But this one was a bit larger than normal and took out much more than just our village. I feel very sorry for whichever farmer in another village managed to collide with an 11kV distribution pole.

What pops to mind for today’s article is the topic of outage monitoring. When plunged into darkness we all wonder if the power company knows about it. The most common reaction must be: “of course the power company knows the power is out, they’re the ones making it!”. But this can’t be the case as for decades, public service announcements have urge us to report power cuts right away.

In our very modern age, will the grid become smart enough to know when, and perhaps more importantly where, there are power cuts? Let’s check some background before throwing the question to you in the comments below.

Continue reading “Ask Hackaday: Is Our Power Grid Smart Enough To Know When There’s No Power?”

Fast Video Covers Coax Velocity Factor

October 11, 2019 by 14 Comments

We once saw an interview test for C programmers that showed a structure with a few integer, floating point, and pointer fields. The question: How big is this structure? The correct answer was either “It depends,” or “sizeof(struct x).” The same could be said of the question “What is the speed of light?” The flip answer is 186,282 miles per second, or 299,792,458 metres per second. However, a better answer is “It depends on what it is traveling in.” [KB9VBR] discusses how different transmission lines have different velocity factors and what that means when making RF measurements. A cable with a 0.6 velocity factor sees radio signals move at 60% of that 186,282 number.

This might seem like pedantry, but the velocity factor makes a difference because it changes the actual measurements of such things as dipole legs and coax stubs. The guys make a makeshift time domain reflectometer using a signal generator and an oscilloscope.

Continue reading “Fast Video Covers Coax Velocity Factor”