Description
Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as scanning electron microscopy.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality: Varies by Context
A common goal of malicious actors who reverse engineer ICs is to produce and sell counterfeit versions of the IC.
Potential Mitigations
Phase: Architecture and Design
Description:
The cost of secret extraction via IC reverse engineering should outweigh the potential value of the secrets being extracted. Threat model and value of secrets should be used to choose the technology used to safeguard those secrets. Examples include IC camouflaging and obfuscation, tamper-proof packaging, active shielding, and physical tampering detection information erasure.