Skip to main content
B
brackeler
Explorer
February 10, 2025
Question

Hardware Vulnerability Analysis - EN18031

  • February 10, 2025
  • 2 replies
  • 769 views

Hi,

I'm tasked with creating the documentation for assesing the compliance of our product in regard to EN18031.

The standard requires us to have checked if the relevant hardware has any publicly known security vulnerabilities. But when I asked our hardware guys about it, they just looked at me funny.

Is there a document where ST would advise about publicly know side-channel attack vectors or things like that?

The chip in question is a STM32L475.

Thanks a lot :)

Philipp

2 replies

######
######
Senior II
February 10, 2025

Does this help?

https://www.st.com/resource/en/technical_note/tn1489-security-bulletin-tn1489stpsirt-physical-attacks-on-stm32-and-stm32cube-firmware-stmicroelectronics.pdf

 

Also look at STM32 "SESIP" and/or "PSA" ratings for your device and code.

 

Also check the "CVE" database for Critical Vulnerabilities and Exploits.

    Billy OWEN
    Billy OWEN
    ST Employee
    February 10, 2025

    Hi @brackeler 

     

    This post has been escalated to the ST Online Support Team for additional assistance.  We'll contact you directly.

     

    Regards,

    Billy

      Terms & ConditionsAccessibility statement