Threat actors may manipulate boot memory in order to execute malicious code, bypass internal processes, or cause a denial of service (DoS) on the system. This technique can be used to support other tactics such as Defense Evasion.
| ID | Countermeasure | Description | NIST Controls |
|---|---|---|---|
| CM0028 | Tamper Protection | Perform physical inspection of hardware to look for potential tampering. Leverage tamper-proof protection where possible when shipping/receiving equipment. | CA-8(3) CM-7(9) MA-7 PM-30 PM-30(1) RA-3(1) SA-10(3) SA-10(4) SC-51 SR-1 SR-10 SR-11 SR-11(3) SR-2 SR-2(1) SR-3 SR-4(3) SR-4(4) SR-5 SR-5(2) SR-6(1) SR-9 SR-9(1) |
| CM0015 | Software Source Control | Prohibit the use of binary or machine-executable code from sources with limited or no warranty and without the provision of source code. | CM-14 CM-7(8) SA-10(4) |
| CM0018 | Dynamic Analysis | Employ dynamic analysis (e.g., using simulation, penetration testing, fuzzing, etc.) to identify software/firmware weaknesses and vulnerabilities in developed and incorporated code (open source, commercial, or third-party developed code). Testing should occur (1) on potential system elements before acceptance; (2) as a realistic simulation of known adversary tactics, techniques, and procedures (TTPs) and tools; and (3) throughout the lifecycle on physical and logical systems, elements, and processes. FLATSATs as well as digital twins can be used to perform the dynamic analysis, depending on the TTPs being executed. Digital twins via instruction set simulation (i.e., emulation) can provide a robust environment for dynamic analysis and TTP execution. | CA-8 CP-4(5) RA-5(11) SA-11(5) SA-11(8) SA-11(9) SC-2(2) SC-7(29) SI-3 SR-6(1) |
| CM0021 | Software Digital Signature | Prevent the installation of Flight Software without verification that the component has been digitally signed using a certificate that is recognized and approved by the mission. | CM-11(3) CM-14 SA-10(1) SI-7 SI-7(12) SI-7(15) |
| CM0023 | Configuration Management | Use automated mechanisms to maintain and validate the baseline configuration to ensure the spacecraft's configuration is up-to-date, complete, accurate, and readily available. | CM-11(3) CM-3(7) CM-3(8) CM-5 MA-7 SA-10 SA-10(7) SR-11(2) |
| CM0014 | Secure Boot | Software/Firmware must verify a trust chain that extends through the hardware root of trust, boot loader, boot configuration file, and operating system image, in that order. The trusted boot/RoT computing module should be implemented on radiation-tolerant burn-in (non-programmable) equipment. | SC-51 SI-7(9) |
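The trust chain in CM0014 (and the verify-before-use principle behind CM0021), as an added Python example that is not part of SPARTA or this page: each stage pins the digest of the stage after it, the root of trust holds the anchor, and a stage whose boot memory has been altered halts the boot at the point of mismatch. It stands in pinned SHA-256 digests for the certificate-based signatures CM0021 calls for, and the stage names, layout and image bytes are constructed assumptions, not a real flight-software format.

```python
import hashlib
from copy import deepcopy
# Constructed stand-ins for the stages CM0014 names, verified in this order:
# hardware root of trust -> boot loader -> boot configuration file -> OS image.
# Each stage pins the SHA-256 digest of its successor; the first stage's digest is
# the anchor assumed to sit in non-programmable RoT memory (hypothetical layout).
STAGE_ORDER = ["boot_loader", "boot_config", "os_image"]

def stage_bytes(stage: dict) -> bytes:
    # The digest covers the payload AND the pinned successor digest, so a stage
    # cannot be re-pointed at a modified successor without its own digest changing.
    return f"{stage['name']}|{stage['next']}|".encode() + stage["payload"]

def measure(stage: dict) -> str:
    return hashlib.sha256(stage_bytes(stage)).hexdigest()

def build_chain(images: dict) -> tuple:
    """Build stages last-to-first so each can pin its successor.
    Returns (rot_anchor, stages); the anchor is the boot loader's digest."""
    stages, nxt = [], ""          # nothing follows the OS image
    for name in reversed(STAGE_ORDER):
        stage = {"name": name, "payload": images[name], "next": nxt}
        nxt = measure(stage)
        stages.insert(0, stage)
    return nxt, stages

def verified_boot(rot_anchor: str, stages: list) -> tuple:
    """Walk the chain in order and halt at the first stage whose measurement
    does not match what the previous stage (or the RoT anchor) pinned for it."""
    expected = rot_anchor
    for stage in stages:
        if measure(stage) != expected:
            return False, f"halt: {stage['name']} measurement mismatch"
        expected = stage["next"]
    return True, "boot chain verified"

def demo() -> dict:
    images = {"boot_loader": b"BL v1.0 (constructed)",
              "boot_config": b"kernel=/fsw.bin root=/dev/nor0 (constructed)",
              "os_image": b"FSW kernel image bytes (constructed)"}
    anchor, clean = build_chain(images)
    results = {"clean": verified_boot(anchor, clean)}
    # OS image altered in boot memory: boot_config still pins the original digest.
    t1 = deepcopy(clean); t1[2]["payload"] += b" + modified bytes"
    results["os_tampered"] = verified_boot(anchor, t1)
    # boot_config also rewritten to pin the altered image: the boot loader's pinned
    # digest of boot_config no longer matches, so the halt moves one stage earlier.
    t2 = deepcopy(t1); t2[1]["next"] = measure(t2[2])
    results["config_repinned"] = verified_boot(anchor, t2)
    return results
```

The anchor only gives this guarantee if it is genuinely immutable, which is why CM0014 places the RoT module on non-programmable equipment.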