The table below gives an overview of the cost and techniques used for each type of attack.
Table 4. Attacks types and costs
Attacks
types
Software Hardware non–invasive Hardware invasive
-
Scope Remote or local Local board and device level Local device level
Techniques
Software bugs
Protocol weaknesses
Trojan horse
Eavesdropping
Debug port
Power glitches
Fault injection
Side-channels analysis
Probing
Laser
FIB
Reverse engineering
Cost/
expertise
From very low to high,
depending on the security
failure targeted
Quite low cost. Need only moderately
sophisticated equipment and knowledge to
implement.
Very expensive. Need dedicated
equipment and very specific skills.
Objectives
Access to confidential assets
(code and data).
Usurpation
Denial of service
Access to secret data or device internal
behavior (algorithm).
Reverse engineering of the device
(silicon intellectual property)
Access to hidden hardware and
software secrets (flash memory
access)
3.2 Software attacks
Software attacks are carried out on the system by executing a piece of code, named a malware, by the CPU.
The malware takes control of the device in order to get access to any resources of the system (such as ID, RAM,
and flash memory content or peripheral registers), or to modify its functionality.
This type of attack represents most of device threats for the following reasons:
• The attack cost is low since it does not need specific equipment but a personal computer.
• Many hackers can put their effort together, sharing their expertise and tricks, so that a successful attack
is likely to happen if a security breach exists. Furthermore, in case of success, the attack protocol may
spread very quickly through the web
The malware can be injected into the device or can already be present (insider threat) in main application
firmware through a nonverified or untrustworthy library for example. Malwares are of many types and they can be
very small and easy to hide.
Here are examples of what a malware can do:
• Modify device configuration (such as option bytes or memory attributes).
• Disable protections.
• Read memory and dump its content for firmware and data cloning.
• Trace or log device data.
• Access to cryptographic items.
• Open communication channel/interface.
• Modify or block the device functionality.
Unless user application is fully trusted, bug-free, and isolated, without any means to communicate with external
world, software attacks must be considered.
AN5156
Software attacks
AN5156 - Rev 8
page 8/56
To Next Page
Loading...
Need help?
General
