|
|
|
|
|
|
by nickpsecurity
3439 days ago
|
|
|
Same threat model with black hats. Here's a recent example from high-security field that's remarkably simple but stops tons of attacks: http://www.cc.gatech.edu/grads/c/csong43/oakland16-hdfi.pdf Its related work & extension page has a ton of references to other things showing just how much work it is to stop regular black hats in systems without verified software. Nation states just do more of the same stuff. Edmison's has a nice survey & design for when you don't trust anything outside the SOC: https://theses.lib.vt.edu/theses/available/etd-10112006-2048... NSA targets those levels, too. At that point, your bases are covered so long as the fab receives and doesn't alter your design. Plus the complex tooling works... |
|
|