4. Coupled software and hardware attacks
Today's systems-on-a-chip are increasingly complex, and this complexity opens new attack paths that combine hardware and software aspects. A physical attack can thus expose a vulnerability that enables a software attack, and conversely software code can cause hardware failure.
4.1 Coupling software and physical attacks
An example of a coupled attack targeting processors is the hardware corruption of a secure boot loader sequence, enabling the execution of malicious code. During a normal secure boot loader sequence, the boot code is loaded (usually in chunks) into the processor's RAM. This involves a sequence of instructions that load the data addressed in ROM into an internal register of the processor (load), and then store the same data at...
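As an added illustration, not taken from the original article, the following C code shows the chunked ROM-to-RAM copy described above in a hardened form from the defender's side: each chunk is copied with an explicit load/store pair, the whole RAM image is then read back and compared byte by byte against its ROM source, and finally checked against an expected digest. The names (rom_image, ram_image, load_boot_image, verify_ram_image), the 32-byte sample image and the single-bit fault in the demo helper are all constructed for this example, and FNV-1a stands in for the authenticated digest (for instance a signed hash) that a real loader would verify.

```c
#include <stdint.h>
#include <stddef.h>

#define IMAGE_LEN  32
#define CHUNK_SIZE 8

/* Constructed stand-in for boot code held in ROM (not a real image). */
static const uint8_t rom_image[IMAGE_LEN] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
    0x10, 0x32, 0x54, 0x76, 0x98, 0xBA, 0xDC, 0xFE,
    0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
};

/* Destination RAM; volatile so the read-back really reads memory. */
static volatile uint8_t ram_image[IMAGE_LEN];

/* FNV-1a 32-bit: a placeholder for the authenticated digest a production
 * loader verifies. It is not collision resistant and only illustrates
 * where the check sits in the sequence. */
uint32_t fnv1a32(const volatile uint8_t *p, size_t n)
{
    uint32_t h = 0x811C9DC5u;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 0x01000193u;
    }
    return h;
}

/* One chunk, byte by byte: load ROM into a register, store to RAM.
 * This load/store pair is the step whose corruption the text describes. */
static void copy_chunk(volatile uint8_t *dst, const uint8_t *src, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint8_t reg = src[i];  /* load */
        dst[i] = reg;          /* store */
    }
}

/* Checks performed after loading:
 *   -1  a RAM byte differs from ROM (a corrupted store or an unwritten chunk)
 *   -2  the RAM image does not match the expected digest
 *    0  image accepted */
int verify_ram_image(const volatile uint8_t *ram, const uint8_t *rom,
                     size_t len, uint32_t expected_digest)
{
    /* Read-back comparison: catches a single corrupted byte as well as
     * a whole chunk that was never written. */
    for (size_t i = 0; i < len; i++)
        if (ram[i] != rom[i])
            return -1;
    /* Digest over the RAM copy, not over ROM: the copy is what will run,
     * and the digest also covers a ROM image that was itself altered. */
    if (fnv1a32(ram, len) != expected_digest)
        return -2;
    return 0;
}

/* Chunked copy followed by verification. Returns 0 only if the RAM image
 * is byte-identical to ROM and matches the provisioned digest. */
int load_boot_image(volatile uint8_t *ram, const uint8_t *rom,
                    size_t len, uint32_t expected_digest)
{
    for (size_t off = 0; off < len; off += CHUNK_SIZE) {
        size_t n = (len - off < CHUNK_SIZE) ? len - off : CHUNK_SIZE;
        copy_chunk(ram + off, rom + off, n);
    }
    return verify_ram_image(ram, rom, len, expected_digest);
}

/* Demo helpers. In a real loader the digest is provisioned with the image;
 * here it is computed from the constructed ROM so the example runs offline. */
int demo_clean_load(void)
{
    uint32_t digest = fnv1a32(rom_image, IMAGE_LEN);
    return load_boot_image(ram_image, rom_image, IMAGE_LEN, digest);
}

/* Loads cleanly, then flips one bit in RAM to stand in for a corrupted
 * store, and returns what the verification step reports. */
int demo_faulted_store(size_t index)
{
    uint32_t digest = fnv1a32(rom_image, IMAGE_LEN);
    int rc = load_boot_image(ram_image, rom_image, IMAGE_LEN, digest);
    if (rc != 0)
        return rc;
    ram_image[index % IMAGE_LEN] ^= 0x01;   /* constructed single-bit fault */
    return verify_ram_image(ram_image, rom_image, IMAGE_LEN, digest);
}
```

The read-back comparison is what detects a disturbed store; the digest check is kept separate because it also covers the case where the ROM contents themselves no longer match what was provisioned, which a ROM-versus-RAM comparison alone cannot see.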
Bibliography
Websites
Collection of reverse engineering examples for integrated circuits
Agence Nationale pour la Sécurité des Systèmes d'Information – ANSSI
French security solutions awarded France...
Events
Conference on Cryptographic Hardware and Embedded Systems (CHES) https://ches.iacr.org/
IEEE International Symposium on Hardware Oriented Security and Trust (HOST) http://www.hostsymposium.org/
International Workshop on Cryptographic Architectures...
Standards and norms
- Advanced Encryption Standard (AES), Federal Information Processing Standards Publication (FIPS) 197, nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf, FIPS 197, 2001
- ARM Security Technology: Building a Secure System Using TrustZone Technology, ARM Limited, PRD29-GENC-009492C, 2005-2009
- Standard Test Access Port and Boundary-Scan Architecture, IEEE 1149.1, 2013
Directory
Manufacturers – Suppliers – Distributors (non-exhaustive list)
Rambus (formerly Cryptography Research), holder of numerous patents on side-channel attacks https://www.rambus.com/security/
French CESTIs approved to evaluate embedded electronic systems: Serma Safety & Security