.jpg)
In a statement last Friday, BLACK HAT ASIA Arm said that a successful side attack on one of its Cortex-M systems with TrustZone enabled was “not a failure of the protection offered by the architecture.”
“The Security Extensions for the Armv8-M architecture do not claim to protect against side-channel attacks due to control flow or memory access patterns. Indeed, such attacks are not specific to the Armv8-M architecture; they may apply to any code with secret-dependent control flow or memory access patterns,” argued Arm.
Arm released the statement following a presentation titled “Hand Me Your Secret, MCU! ” at the Black Hat Asia infosec conference last week. Microarchitectural Timing Attacks on Microcontrollers are Practical” – claimed that side-channel attacks are possible on the microcontrollers made by the chip design company.
Researchers from Portugal’s Universidade do Minho (UdM) were successful in demonstrating that MCUs were vulnerable to similar attacks. Their findings were based on the 2018 discovery of Spectre and Meltdown, the Intel CPU architecture vulnerabilities that opened Pandora’s box of microarchitecture transient state side attacks.
Historically, servers, PCs, and mobile devices were the principal targets of microarchitectural attacks. Due to the systems’ simplicity, micro
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: