Intermediate Mitigations

• MID-002: Hardware-backed Bootloader Authentication
• MID-005: Memory Safe Programming Languages
• MID-007: Control Flow Manipulation Protections
• MID-008: Decidable Protocols and Parsers
• MID-009: Operating System-based Runtime Integrity Check
• MID-014: Sandboxing
• MID-015: Containerization
• MID-019: ROP Gadget Minimization
• MID-020: Pointer Authentication
• MID-022: Segmentation Through Hardware-assisted VMs
• MID-023: Hypervisor Hardening
• MID-028: Hardware-backed Key Storage
• MID-029: Hardware Root of Trust
• MID-033: Unique Factory Preinstalled Secret Keys
• MID-040: Cryptographically Signed Custom Programs
• MID-045: Multi-factor Authentication
• MID-048: Hardware Random Number Generator
• MID-053: Use IOMMU to Implement DMA Access Controls
• MID-055: Use Highly Integrated Processors to Avoid Physical Attacks
• MID-059: Software Patterns for Side Channel Resistance
• MID-060: Dedicated Hardware Cryptographic Modules
• MID-061: Use Separate Processors for Isolation
• MID-063: Software Mitigations for Fault Injection
• MID-064: Store Critical Code and Data in On-Chip Memory
• MID-065: RAM Encryption
• MID-066: Implement Redundant Processing and Memory
• MID-067: Implement DRAM RowHammer-resistant DRAM and Memory Controllers
• MID-068: Data Bus Encryption and Message Authentication
• MID-069: Electrical Fault Protection
• MID-081: Secure Network Tunnels
• MID-082: Post-quantum Cryptography

Intermediate