General-purpose microcontrollers are not the best candidates to counter the most advanced physical attacks.
If the highest protection level is required, consider pairing a secure element with the general-purpose
microcontroller. Secure elements are dedicated microcontrollers with specific hardware, certified according
to the latest security standards.
Refer to the ST secure microcontrollers web page.
3.3.1 Non-invasive attacks
Non-invasive, or board-level, attacks try to bypass the protection without physical damage (the device is kept functional).
Only the accessible interfaces and the device environment are used. These attacks require moderately sophisticated
equipment and engineering skills (such as signal processing).
Debug port access
This is the most basic attack that can be carried out on a device. Disabling the debug capability must be the first
protection level to consider. Indeed, access to the debug port or scan chain through the JTAG or SWD protocol gives
access to all internal resources of the device: CPU registers, embedded flash memory, RAM and peripheral
registers.
Countermeasures:
• Debug port deactivation or fuse through readout protection (RDP)
• Life-cycle management using the product state (on products where this technology has replaced RDP)
Serial port access
Access to communication ports (such as I2C or SPI) may hide a weakness that can be exploited. Communication
ports can be spied on or used as an entry point into the device. Depending on how the associated protocols are
implemented (memory address access range, targeted peripherals, read/write operations), an attacker can
potentially gain access to the device resources.
Countermeasures:
• Software:
– Associated protocol operations must be limited at the firmware level, so that no sensitive resources
can be read or written.
– Isolate communication stack from sensitive data.
– Length of data transfer must be checked to avoid buffer overflows.
– Communication can be encrypted with a shared key between the device and the target.
• Hardware:
– Physical communication port can be buried in multi-layer boards to make it more difficult to access.
– Unused interface ports must be deactivated.
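The two software countermeasures above (limiting the protocol to a known address range and checking the transfer length) can be put together in one firmware-side handler. The following is an added example, not code from the application note: it assumes a constructed host-to-device frame format and two hypothetical memory windows backed by host buffers, so it can run off-target.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed frame layout: [cmd:1][addr:4 little-endian][len:1][data:len] */
#define CMD_READ  0x01u
#define CMD_WRITE 0x02u
#define HDR_LEN   6u
#define MAX_DATA  32u   /* upper bound on one transfer, sized to the RX buffer */

/* Hypothetical memory windows the serial host may touch; anything outside them
 * is denied, so the link can never reach keys, option bytes or other flash/RAM. */
typedef struct { uint32_t base; uint32_t size; bool writable; uint8_t *backing; } window_t;
static uint8_t mailbox[0x100];                 /* stands in for a RAM exchange area */
static uint8_t calib[0x40] = { 0xAA, 0x55 };   /* stands in for a read-only flash page */
static window_t windows[] = {
    { 0x20001000u, sizeof mailbox, true,  mailbox },
    { 0x08010000u, sizeof calib,   false, calib   },
};

/* Map a [addr, addr+len) request onto an allowed window, or return NULL. */
static uint8_t *resolve(uint32_t addr, uint32_t len, bool write) {
    if (len == 0 || len > MAX_DATA) return NULL;       /* bounds the copy below */
    if (addr > UINT32_MAX - len) return NULL;          /* reject address wraparound */
    uint32_t end = addr + len;
    for (size_t i = 0; i < sizeof windows / sizeof windows[0]; i++) {
        window_t *w = &windows[i];
        if (addr >= w->base && end <= w->base + w->size && (!write || w->writable))
            return w->backing + (addr - w->base);
    }
    return NULL;
}

/* Returns 0 on success, -1 for a malformed frame, -2 for a denied length/address.
 * On a read the bytes are copied into out (capacity MAX_DATA). */
int handle_frame(const uint8_t *frame, size_t frame_len, uint8_t *out) {
    if (frame_len < HDR_LEN) return -1;
    uint8_t cmd = frame[0];
    if (cmd != CMD_READ && cmd != CMD_WRITE) return -1;
    uint32_t addr = (uint32_t)frame[1] | (uint32_t)frame[2] << 8 |
                    (uint32_t)frame[3] << 16 | (uint32_t)frame[4] << 24;
    uint32_t len = frame[5];
    bool write = (cmd == CMD_WRITE);
    if (write && frame_len != HDR_LEN + len) return -1;  /* payload must match header */
    uint8_t *p = resolve(addr, len, write);
    if (p == NULL) return -2;
    if (write) memcpy(p, frame + HDR_LEN, len);
    else       memcpy(out, p, len);
    return 0;
}
```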
Fault injection: clock and power disturbance/glitch attacks
Fault injection consists of operating the device outside the parameters defined in the datasheet to generate
malfunctions in the system. A successful attack can modify the program behavior in different ways, such as
corrupting the program state, corrupting memory content, stopping process execution (“stuck-at fault”), skipping
an instruction, modifying a conditional jump or granting unauthorized access.
The typical threats involve tampering with the clock (freezing or glitch) and the power supply (under/over voltage or glitch).
Since faults may also occur unintentionally, the countermeasures are the same as those used for functional safety: redundancy, error
detection and monitoring.
AN5156
Hardware attacks
AN5156 - Rev 8
page 10/56