Security News > 2023 > May > Arm acknowledges side-channel attack but denies Cortex-M is crocked

Black Hat Asia Arm issued a statement last Friday declaring that a successful side attack on its TrustZone-enabled Cortex-M based systems was "Not a failure of the protection offered by the architecture."

"The Security Extensions for the Armv8-M architecture do not claim to protect against side-channel attacks due to control flow or memory access patterns. Indeed, such attacks are not specific to the Armv8-M architecture; they may apply to any code with secret-dependent control flow or memory access patterns," argued Arm.

"We can basically break all security isolation guarantees in Arm MCUs, including the state-of-art ones with the TEE TrustZone-M technology," Pinto told The Register.

In its statement, Arm advised that the attack can be mitigated by ensuring that the program's control flow and memory accesses patterns do not depend on secret state.

"Arm works to improve security and enable the ecosystem to build more secure solutions. One example of this is the 'Data Independent Timing' feature that was introduced in the Armv8.1-M architecture. Although this feature does not mitigate the specific attack referred to in this article, it helps to protect against data dependent timing side-channel attacks," added the silicon slinger.

The boffins revealed that they may be able to twist Arm to change its approach - if they can demonstrate a similar variant of the attack in an application without a secret dependent memory path.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/05/15/mcu_side_channel_attack/