MID-055: Use Highly Integrated Processors to Avoid Physical Attacks

Mitigation Tier: Intermediate

Description

Highly integrated processors, particularly system-on-chip and system-in-package, combine some or all of processing, RAM (e.g., SRAM, DRAM), non-volatile storage, and peripherals within a single physical package. Integration of these components avoids the need to connect separate single-purpose components across a circuit board via physically accessible busses and traces. This removes many of the opportunities for a threat actor to perform bus interception, chip contents extraction, and other physical attacks.

Note: Certain chips, particularly microcontrollers, use SRAM-based memory instead of DRAM. SRAM’s lack of capacitance makes it resistant to the original cold boot attacks; however, newer research has demonstrated analogous techniques for extracting the contents of SRAM-based memories, caches, and registers [1].

IEC 62443 4-2 Mappings

  • EDR / HDR / NDR 3.11 (1) - Physical tamper resistance and detection  

References

[1] Jubayer Mahmod and Matthew Hicks. 2022. SRAM has no chill: exploiting power domain separation to steal on-chip secrets. In Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ’22). Association for Computing Machinery, New York, NY, USA, 1043–1055. https://doi.org/10.1145/3503222.3507710