HoT-TAI-0024: Lack of tamper resistance


Summary:

Concerns with physical security range from a lack of supply chain cybersecurity and onsite physical security manipulation to the use of electronic warfare (EW) concepts described within the broader context of CEMA. Examples include:

  • Implanting, embedding, or piggybacking inorganic embedded systems (e.g. microprocessors, microcontrollers, or other integrated circuits (ICs)) within an IoT device, including devices that provide an out-of-band backdoor communication medium (e.g. RF technologies such as GSM within an implanted inorganic embedded system).
  • Removal and reprogramming of microprocessors using desoldering and reprogramming techniques.
  • Manipulating the embedded operating system (e.g. firmware) and/or physical hardware through inter-board communication and configuration interfaces and protocols such as JTAG, SPI, I2C, UART, USB, RS-232, and FireWire.

  • Manipulating ICs during the manufacturing process, through a method known as “stealthy dopant level hardware Trojans” [8].

At the physical network layer, it is clear that vulnerabilities are introduced and exploitation can occur at all phases of a product’s life including design, manufacturing, the supply chain, configuration, and usage. This is depicted in Figure 3.

Estimated Overall Risk Assessment: HIGH/MID/LOW


  • Technical Impacts:

  • Business Impacts:

  • Detectability:

  • Prevalence:

  • Exploitability:

Attack Surfaces Grouped By Layer of Cyberspace


  • Physical Network Layer
    • Device Physical Interfaces
    • Sensors

Known Intrusion / Exploit / Attack Cases and Threats


TBD

Identify, Detect, Protect, Respond, and Recover (NIST FICIC)


TBD

Analysis Tools and Training


TBD

Associated CVEs / Manufacturers / Devices


TBD

References


TBD
