MCUBOOT: Security Assessment Part 2

Introduction In a previous article, we discussed the countermeasures implemented in MCUBOOT and the validity of the previously performed security assessment. In this article, I’m going to present you Funicorn, our home made simulation based fault injection tool. Funicorn (Fault unicorn) will be used to demonstrate that MCUBOOT is far from being protected against fault […]

MCUBOOT: Security Assessment Part 1

Introduction Securing a piece of software embedded into a chip is not an easy task. First, you have to define what could be the threats affecting your software, what would be the attacker model (i.e. remote attacker, physical attacker or both of them), what are the security objectives and the corresponding security requirements. Then, you […]