docs(threat_model): mark power analysis threats out-of-scope

Exclude the threat of power analysis side-channel attacks from consideration in the TF-A generic threat model. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I5b245f33609fe8948e473ce4484898db5ff8db4d
9 months ago · 077d8b39bc
1 changed files with 9 additions and 0 deletions
--- a/docs/threat_model/firmware_threat_model/threat_model.rst
+++ b/docs/threat_model/firmware_threat_model/threat_model.rst
@ -163,6 +163,15 @@ in scope of this threat model.
  ion beam (FIB) workstation or decapsulate the chip using chemicals) is
  considered out-of-scope.

+  Certain non-invasive physical attacks that do not need modifications to the
+  chip, notably those like Power Analysis Attacks, are out-of-scope. Power
+  analysis side-channel attacks represent a category of security threats that
+  capitalize on information leakage through a device's power consumption during
+  its normal operation. These attacks leverage the correlation between a
+  device's power usage and its internal data processing activities. This
+  correlation provides attackers with the means to extract sensitive
+  information, including cryptographic keys.
+
 Threat Types
 ============