3 Attack types
This section presents the different types of attack that a microcontroller may have to face, from the most basic
ones to very sophisticated and expensive ones. The last part presents typical examples of attacks targeting
an IoT system.
Attacks on microcontroller are classified in one of the following types:
• software attack: exploits software vulnerabilities (such as bug or protocol weaknesses).
• hardware non-invasive attack: focuses on MCU interfaces and environment information.
• hardware invasive attack: destructive attack with direct access to silicon
3.1 Introduction to attack types
A key rule in security is that a successful attack is always possible.
First, there is no absolute protection against unexpected attack. Whatever the security measures taken to
protect a system, it is possible that a security breach is found and exploited during the device lifetime.
This last point makes it necessary to consider how the device firmware is updated to increase its security
(see Section 5.3.2 Secure firmware update (SFU)).
Secondly, in laboratory conditions with proper equipment, it is possible to retrieve microcontroller content, or even
its design architecture details. These techniques are briefly presented in Section 3.3 Hardware attacks.
From an attacker's point of view, an attack is most profitable if the ratio expected revenue/attack cost is as high
as possible. The revenue depends on the stolen asset value, and on the repeatability of the attack. The cost
depends on time, the acquisition of the necessary skills by the attacker, and on money (equipment) spent to
succeed.
Attack types
While there are more detailed groups and categories of attack, the basic categories are the following ones:
• Software attacks are carried by exploiting bugs, protocol weaknesses, or untrusted pieces of code among
others. Attacks on communication channels (interception or usurpation) are part of this category. Software
attacks represent the vast majority of cases. Their cost may be very low. They can be widely spread and
repeated with huge damage. It is not necessary to have a physical access to the device. The attack can be
executed remotely.
• Hardware attacks need physical access to the device. The most obvious one exploits the debug port, if
it is not protected. However, in general, hardware attacks are sophisticated and can be very expensive.
They are carried out with specific materials and require electronics engineering skills. A distinction is made
between noninvasive attacks (carried out at board or chip level without device destruction), and invasive
attacks (carried out at device-silicon level with package destruction). In most cases, such an attack is only
profitable if it reveals information that leads to a new and widely applicable remote attack.
AN5156
Attack types
AN5156 - Rev 8
page 7/56
To Next Page
Loading...
Need help?
General
