
How to prevent rogue application from using modem security tags

I'm wondering about a scenario where an attacker has physical access, and manages to program their custom application into our device. They could use our stored credentials to authenticate the device, as there doesn't appear to be a mechanism to prevent this.

Is there a way to prevent this? Can the modem firmware validate the application firmware before granting access to the security tags? Is there some mechanism in place that I'm not aware of that prevents this scenario?

Regards,

Josh

  • Hi!

    So, first of all, we have security features to protect against an attacker getting physical access to a device and overwriting the FW (see APPROTECT, ERASEPROTECT, and SECUREAPPROTECT in Enabling device protection).

    But assuming that an attacker is able to overwrite the FW, the application can't actually read out any "secrets" from the modem. It can ask to use the credentials stored in a security tag, so the application has to know which sec_tag to use.

    Perhaps the immutable bootloader can do some validation and then disable ERASEALL manually to ensure the bootloader isn't overwritten.

    Let me ask around if there is any such protection mechanism I am not aware of.

    Best regards,

    Heidi
