The TF-A team members have thought about trying to explore the use of more mitigations for Side Channel attacks along the lines of "Canary In the Coalmine" type techniques to as you say build additional resilience and as you can expect the techniques used by our peer TF-M project are one we would like to explore. I would not say this is a plan as such but definitely something already listed on our backlog. As to if the TF-M code can be reused that would need to be explored more.
On 26/03/2021, 14:12, "TF-A on behalf of François Ozog via TF-A" <email@example.com on behalf of firstname.lastname@example.org> wrote:
Trusted Firmware M recently introduced protection against glitching at key decision points: https://github.com/mcu-tools/mcuboot/pull/776
To me this is a key mitigation element for companies that target PSA level 3 compliance which means hardware attacks resilience.
I believe similar techniques need to be used in different projects involved in Linux secure booting (TF-A, OP-TEE, U-Boot, Linux kernel).
Are there any efforts planned around this ?
Is it feasible to have a "library" that could be integrated in different projects?
FF -- TF-A mailing list TF-A@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a