An attacker can interfere with the hardware or the software, integrating or modifying the existing software, hardware configuration or the transponder configuration to permit himself a future access to the resource.
The attacker can hardcode credentials during the supply chain phase with custom, to have a secure access to the resource if the component is integrated in the system.Replacement of a product in the supply chain with a custom or counterfeit part can be performed to damage the system or to use it as a future backdoor.An attacker can also modify the OBSW to permit a future access on the resource with a software backdoor.An attacker can also modify the payload hardware, software, or configuration to create a future access on the payload itself, either to target it or to use it against the whole resource. [1]
| ID | Mitigation | Description |
|---|---|---|
| M2019 | Data integrity schemes | |
| M2062 | Recovery to a known good state | |
| M2061 | Remote attestation |