The adversary uses disruptive signals or events, or alters the physical environment a device operates in, to cause faulty behavior in electronic devices. This can include electromagnetic pulses, laser pulses, clock glitches, ambient temperature extremes, and more. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information.
|
|
| ID | CAPEC-624 |
| Latest Sync Date | 11/05/25 15:15:38 |
| Original ID | 624 |
| Abstraction | Meta |
| Status | Stable |
| Alternate Terms | ::TERM:Side-Channel Attack:DESCRIPTION::: |
| Likelihood Of Attack | Low |
| Typical Severity | High |
| Related Attack Patterns | |
| Execution Flow | |
| Prerequisites | ::Physical access to the system::The adversary must be cognizant of where fault injection vulnerabilities exist in the system in order to leverage them for exploitation.:: |
| Skills Required | ::SKILL:Adversaries require non-trivial technical skills to create and implement fault injection attacks. Although this style of attack has become easier (commercial equipment and training classes are available to perform these attacks), they usual require significant setup and experimentation time during which physical access to the device is required.:LEVEL:High:: |
| Resources Required | ::The relevant sensors and tools to detect and analyze fault/side-channel data from a system. A tool capable of injecting fault/side-channel data into a system or application.:: |
| Indicators | |
| Consequences | ::SCOPE:Confidentiality:TECHNICAL IMPACT:Read Data:TECHNICAL IMPACT:Bypass Protection Mechanism:TECHNICAL IMPACT:Hide Activities:NOTE:An adversary capable of successfully collecting and analyzing sensitive, fault/side-channel information, has compromised the confidentiality of that application or information system data.::SCOPE:Integrity:TECHNICAL IMPACT:Execute Unauthorized Commands:NOTE:If an adversary is able to inject data via a fault or side channel vulnerability towards malicious ends, the integrity of the application or information system will be compromised.:: |
| Mitigations | ::Implement robust physical security countermeasures and monitoring.:: |
| Example Instances | |
| Related Weaknesses | ::1247::1248::1256::1319::1332::1334::1338::1351:: |
| Taxonomy Mappings | |
| Notes | TYPE:Other:NOTE:Considerable effort on the part of the adversary is often required in order to detect and analyze fault/side channel data.:: |