Merge "docs(threat_model): mark power analysis threats out-of-scope" into integration

2025-04-24 22:05:40 +00:00 · 2024-02-20 17:04:03 +01:00 · 2024-02-20 17:04:03 +01:00 · 64e3efe72b
commit 64e3efe72b
parent ef68521971 077d8b39bc
1 changed files with 9 additions and 0 deletions
--- a/docs/threat_model/firmware_threat_model/threat_model.rst
+++ b/docs/threat_model/firmware_threat_model/threat_model.rst
@ -163,6 +163,15 @@ in scope of this threat model.
  ion beam (FIB) workstation or decapsulate the chip using chemicals) is
  considered out-of-scope.

+  Certain non-invasive physical attacks that do not need modifications to the
+  chip, notably those like Power Analysis Attacks, are out-of-scope. Power
+  analysis side-channel attacks represent a category of security threats that
+  capitalize on information leakage through a device's power consumption during
+  its normal operation. These attacks leverage the correlation between a
+  device's power usage and its internal data processing activities. This
+  correlation provides attackers with the means to extract sensitive
+  information, including cryptographic keys.
+
 Threat Types
 ============