Hardware security details the whole lifespan of a cyber-physical system, from before it is designed till retirement. There are two aspects of hardware security which include security in the processor supply chain and hardware mechanisms that provide software with a secure execution environment. An example of such a threat is the Trojan circuit, an insidious attack that involves planting a vulnerability in a processor sometime between design and fabrication that manifests as an exploit after the processor has been integrated, tested, and deployed as part of a system.
Vulnerability is the existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the computer system, network, application, or protocol involved.
Vulnerability is a weakness which consists of three elements which include system susceptibility, attacker access to the flaw and attacker capability to exploit the flaw. A security risk may be considered as a vulnerability and there are vulnerabilities without risk when the affected asset has no value at all. A vulnerability with one or more known instances of working and fully implemented attacks is classified as an exploitable vulnerability. A vulnerability with one or more known instances of working and fully implemented attacks is classified as an exploitable vulnerability. The window of vulnerability is the time from when the security hole was introduced or manifested in deployed software to when access was removed, a security fix was deployed, or the attacker was disabled.
Vulnerabilities that are not related to software include hardware, site and personnel vulnerabilities. A large source of vulnerabilities include constructs in programming languages that are hard to use in the right way.
Threats can originate from inside and outside a network. Two common examples can be:
Inside where a disgruntled employee logs on to his network server and goes to their personal...
Please join StudyMode to read the full document