Add mitigations to threat model #192

Merged
merged 1 commit into from
Mar 26, 2024
54 changes: 48 additions & 6 deletions doc/threat_model/threat_model.md
Expand Up @@ -16,7 +16,6 @@ cases, the threat model tries to capture and describe the threats that
needs to be mitigated in order for the device app to work in a secure
and trustworthy manner.


## Assumptions

* There are no backdoors or vulnerabilities in Lattice iCE40 UltraPlus
Expand Down Expand Up @@ -176,18 +175,30 @@ are out of scope and what mitigations are in place.

### TKey Unlocked

Note that the threat model as described for the TK1-23.03.2-Bellatrix
release (see below) applies to TKey Unlocked devices as long as the
TKey has been provisioned with:
Note that the threat model and the mitigations per release (see below)
applies to TKey Unlocked devices too as long as they have been
provisioned with:

- the Tillitis TKey TK1-23.03.2-Bellatrix FPGA design and Tillitis
TKey firmware.
- the bitstream from the release,
- A unique, random UDS
- A unique UDI

The configuration must have been written into the NVCM and
locked by blowing the fuses.

### TK1-24.03-Bellatrix

#### Mitigations

- USB port attacks - boot protocol:

- Instead of exiting to an eternal loop on errors, firmware now
forces a CPU trap state that requires a reboot.

- Software attacks:

Access outside of physical RAM forces the CPU into a trap state
that requires a reboot.

### TK1-23.03.2-Bellatrix
This release contains a BOM update to the Tkey hardware for the touch
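Review bot: In the new TK1-24.03-Bellatrix mitigations list, the text under "Software attacks:" ("Access outside of physical RAM forces the CPU into a trap state that requires a reboot.") has no leading "- ", unlike the sub-item under "USB port attacks - boot protocol:", so it will not render as a nested bullet. It also does not say what enforces the trap (hardware or firmware), which matters for a threat model; the boot protocol item names firmware explicitly. In the rewritten TKey Unlocked paragraph, "the threat model and the mitigations per release ... applies" should read "apply", and "the bitstream from the release," starts lowercase and ends with a comma while the neighbouring items ("A unique, random UDS", "A unique UDI") are capitalised and unpunctuated. The old text named both the FPGA design and the firmware; if the bitstream is meant to cover both, saying so here would keep the provisioning requirement unambiguous.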
Expand Down Expand Up @@ -216,6 +227,37 @@ The FPGA design as well as the firmware has been audited, and
hardening of these has been performed to some degree. For more
information, see the [Release Notes](/doc/release_notes.md)

#### Mitigations

- To protect the UDS the hardware design allows only one read per word
of the UDS per power-cycle.

- USB port attacks - boot protocol:

- The firmware has a more strict protocol state machine and exits out
to an eternal loop on any errors.

- Firmware stack is protected by hardware for execution.

- Software attacks:

- Firmware uses its own FW_RAM for sensitive computations which is
not available in app mode.

- Device apps can protect arbitrarly parts of RAM, typically heap +
stack, with hardware support.

- Hardware attacks:

- The reading and handling of the UDS is randomized so it doesn't
always occur on the same cycle.

- Firmware turns on hardware assisted RAM address and data
scrambling mechanisms. It makes it harder for an outside attacker
to find assets generated by and stored in the RAM by applications.
Note that this mitigates an attack from outside the CPU, not from
an exploit towards applications running on it.

#### Known possible weakneses

The CH552 MCU providing USB host communication contains firmware that
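Review bot: "Firmware stack is protected by hardware for execution." is ambiguous as written: it can be read as the stack being protected while executing or as the stack being made non-executable. If the latter is meant, "protected by hardware against execution" states the mitigation directly. In the software attacks items, "arbitrarly parts of RAM" should be "arbitrary parts of RAM". The UDS item ("only one read per word of the UDS per power-cycle") sits at the top level without a threat category, while every other mitigation is grouped under USB port, software or hardware attacks; placing it under one of those headings would make the list easier to map back to the threats described earlier in the document.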