MID-054: Encrypt and Authenticate Non-volatile Storage Contents
Mitigation Tier: Foundational
Description
Data that is stored in non-volatile storage external to the processor should be cryptographically protected, and only decrypted and authenticated within the processor at time of use. This removes opportunities for threat actors to access or modify unencrypted firmware code, configurations, or other sensitive data.
Limitations: Extensive use of encryption can impact performance as data must be decrypted every time it is loaded for use. This may limit what portions of data are practical to encrypt or require migrating a design to use processors with hardware acceleration for decryption. Additionally, private and secret keys must be sufficiently protected, ideally in a hardware-backed keystore (see MID-028), or at least in on-chip memory (see MID-064) and should not be shared between devices (see MID-033).
IEC 62443 4-2 Mappings
CR 4.1 – Information confidentiality
CR 4.2 - Information persistence
References
[1] S. Garg. “Protecting Security Critical Firmware.” linaro.org. Accessed: Aug. 27, 2024. [Online]. Available: https://old.linaro.org/blog/protecting-security-critical-firmware/
[2] D. Kleidermacher, “Enhance system security with better data-at-rest encryption.” embedded.com. Accessed: Aug. 27, 2024. [Online]. Available: https://www.embedded.com/enhance-system-security-with-better-data-at-rest-encryption/