On 26.03.21 15:12, François Ozog wrote: > Hi > > Trusted Firmware M recently introduced protection against glitching at > key decision points: > https://github.com/mcu-tools/mcuboot/pull/776 > > To me this is a key mitigation element for companies that target PSA > level 3 compliance which means hardware attacks resilience. > > I believe similar techniques need to be used in different projects > involved in Linux secure booting (TF-A, OP-TEE, U-Boot, Linux kernel).
Power glitches can induce changes in data, in code, and in CPU state. Signing selected variables cannot be a sufficient counter-measure. If you want to protect against power glitches, it seems more promising to do so on the hardware side, e.g. * provide circuitry that resets the board if a power-glitch or an electromagnetic interference is detected * use ECC RAM Best regards Heinrich > > Are there any efforts planned around this ? > > Is it feasible to have a "library" that could be integrated in > different projects? > > Cheers > > FF > _______________________________________________ > boot-architecture mailing list > boot-architecture@lists.linaro.org > https://lists.linaro.org/mailman/listinfo/boot-architecture > _______________________________________________ boot-architecture mailing list boot-architecture@lists.linaro.org https://lists.linaro.org/mailman/listinfo/boot-architecture
