Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT) and Operational Technology (OT) systems that are meant to operate harmonically under a security critical framework. As IT security countermeasures are gradually being installed in many embedded system nodes, thus securing them from many well-known cyber attacks, there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures) capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as cache side-channel attacks are one such case, as is the newly discovered Rowhammer fault injection attack, which can be mounted even remotely to gain full access to a device's DRAM (Dynamic Random Access Memory). In light of the above dangers, which are focused on the device hardware structure, this paper provides an overview of this attack field, including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various possible existing attack directions and highlight the security risks that they can pose to security critical embedded systems, as well as to indicate their strength in compromising the Quality of Service (QoS) such systems are designed to provide.