MID-066: Implement Redundant Processing and Memory

Mitigation Tier: Intermediate

Description

Systems that require high reliability may implement redundant memory and processors to tolerate faults. Such designs validate data before acting on it, for example by implementing a voting mechanism or other error detection algorithm. This can make a system more resistant to (1) manipulations that cause memory bit errors, such as RowHammer, as it is unlikely that a majority of a redundant set of memory chips will exhibit identical bit flips when subjected to an attack, and (2) fault injection attacks, if the fault is probabilistic and cannot be made to affect each redundant processor identically.

Limitations: A motivated adversary may still achieve a successful attack by coordinating simultaneous fault injections against all of the redundant components; however, this will be more challenging than attacking a design without redundancy. The benefits of increasing attack difficulty must be weighed against the additional complexity added to the device design and its corresponding costs and risks.
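
The voting mechanism and its limitation, as an added example that is not part of the original page: a bitwise 2-of-3 majority voter over three redundant memory copies that scrubs and reports outvoted copies. All names (tmr_read, tmr_scenario, GOLDEN) and the sample word are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GOLDEN 0xA5A5A5A5u   /* constructed sample word */

typedef struct {
    size_t   repaired;   /* words where a copy had to be rewritten */
    unsigned outvoted;   /* bit i set => copy i disagreed with the vote */
} tmr_report;
typedef struct { uint32_t word; tmr_report rep; } tmr_result;

/* Bitwise 2-of-3 majority: each bit takes the value at least two copies hold. */
static uint32_t vote3(uint32_t a, uint32_t b, uint32_t c) {
    return (a & b) | (a & c) | (b & c);
}

/* Voted read of n words; copies that lose the vote are scrubbed and reported. */
tmr_report tmr_read(uint32_t *c0, uint32_t *c1, uint32_t *c2, uint32_t *out, size_t n) {
    tmr_report r = {0, 0};
    for (size_t i = 0; i < n; i++) {
        uint32_t v = vote3(c0[i], c1[i], c2[i]);
        unsigned bad = (c0[i] != v) | ((c1[i] != v) << 1) | ((c2[i] != v) << 2);
        if (bad) {
            c0[i] = c1[i] = c2[i] = v;   /* scrub so errors do not accumulate */
            r.repaired++;
            r.outvoted |= bad;           /* caller should log or alarm on this */
        }
        out[i] = v;
    }
    return r;
}

/* Constructed scenario: XOR a fault mask into each copy of GOLDEN, then do a
   voted read. Returns the voted word together with the voter's report. */
tmr_result tmr_scenario(uint32_t f0, uint32_t f1, uint32_t f2) {
    uint32_t c0 = GOLDEN ^ f0, c1 = GOLDEN ^ f1, c2 = GOLDEN ^ f2, out = 0;
    tmr_result res;
    res.rep = tmr_read(&c0, &c1, &c2, &out, 1);
    res.word = out;
    return res;
}

int main(void) {
    tmr_result a = tmr_scenario(1u << 3, 0, 1u << 17); /* different bits: recovered */
    tmr_result b = tmr_scenario(1u << 3, 1u << 3, 0);  /* identical flips: wrong majority */
    printf("independent: %08x outvoted=%u\n", (unsigned)a.word, a.rep.outvoted);
    printf("identical:   %08x outvoted=%u\n", (unsigned)b.word, b.rep.outvoted);
    return 0;
}
```

In the second scenario the voter returns the corrupted word and blames the one healthy copy, which is the coordinated-fault case described under Limitations.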

IEC 62443 4-2 Mappings

  • none