CAPEC-674: Design for FPGA Maliciously Altered

Detailed Stable 严重程度: High 攻击可能性: Low

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

前提条件

An adversary would need to have access to FPGA programming/configuration-related systems in a chip maker’s development environment where FPGAs can be initially configured prior to delivery to a customer or have access to such systems in a customer facility where end-user FPGA configuration/reconfiguration can be performed.

所需技能

High An adversary would need to be skilled in FPGA programming in order to create/manipulate configurations in such a way that when loaded into an FPGA, the end user would be able to observe through testing all user-defined required functions but would be unaware of any additional functions the adversary may have introduced.

后果影响

影响范围: Integrity

技术影响: Alter Execution Logic

缓解措施

Utilize DMEA’s (Defense Microelectronics Activity) Trusted Foundry Program members for acquisition of microelectronic components.

Ensure that each supplier performing hardware development implements comprehensive, security-focused configuration management including for FPGA programming and program uploads to FPGA chips.

Require that provenance of COTS microelectronic components be known whenever procured.

Conduct detailed vendor assessment before acquiring COTS hardware.

分类映射

分类名称	条目ID	条目名称
ATTACK	1195.003	Supply Chain Compromise: Compromise Hardware Supply Chain

关键信息

CAPEC ID: CAPEC-674

抽象级别: Detailed

状态: Stable

典型严重程度: High

攻击可能性: Low