Hi,

 

PSA Level 3 certification mandates protection against physical attack at a certain extent.

 

MCUboot v1.7.0 release already contains SW countermeasures against fault injection attacks. These can be used at device boot-up time.

But fault injection attacks are not targeting only the device boot-up time, instead they could be applied against the runtime firmware.

 

The following design proposal is addressing this threat:

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/7476

 

Prototype implementation on AN521 and Musca-B1 target (top of the patch set):

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/7475/1

 

Review and comments are welcome!

 

BR,

Tamas Ban