At the top level, attacks are classified into three main categories based on their functional objectives.
- Privacy attacks: The objective of these attacks is to gain knowledge of sensitive information stored,
communicated, or manipulated within an embedded system.
- Integrity attacks: These attacks attempt to change data or code associated with an embedded system.
- Availability attacks: These attacks disrupt the normal functioning of the system by mis-appropriating
system resources so that they are unavailable for normal operation.
A second level of classification of attacks on embedded systems is based on the agents or means used to
launch the attacks. These agents are typically grouped into three main categories as shown in Figure 1:
Figure 1: Taxonomy of attacks on embedded systems
- Software attacks : which refer to attacks launched through software agents such as viruses,
trojan horses, worms, etc.
- Physical or Invasive attacks : which refer to attacks that require physical intrusion into the system
at some level (chip, board, or system level).
- Side-channel attacks : which refer to attacks that are based on observing properties of the system
while it performs cryptographic operations, e.g., execution time, power consumption, or behavior in the
presence of faults.
The agents used to launch attacks may either be passive in the sense that they do not interfere in any
manner with system execution (e.g., merely probe or observe certain properties), or may actively
interfere with the target system’s operation. Integrity and availability attacks require interference
with the system in some manner, and hence can be launched only through active agents.
It bears mentioning that, although we have classified attacks into various categories for the sake of
understanding. In practice, attackers often use a combination of various techniques to achieve their
objectives. For example, physical attacks may be used as a pre-cursor to side-channel attacks
(removing a chip’s packaging before observing the values on global wires within the chip). Our
classification is also by no means exhaustive, nor is it intended to be — the ingenuity of attackers
who invariably come up with new schemes to break security is arguably the greatest challenge to