docs(threat_model): mark power analysis threats out-of-scope Exclude the threat of power analysis side-channel attacks from consideration in the TF-A generic threat model. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I5b245f33609fe8948e473ce4484898db5ff8db4d

commit: 370f3d17ca69a9261354330ba946b39eeca974ca [log] [tgz]
author: Manish V Badarkhe <Manish.Badarkhe@arm.com> Mon Feb 12 11:56:56 2024 +0000
committer: Manish V Badarkhe <Manish.Badarkhe@arm.com> Wed Feb 14 14:18:16 2024 +0000
tree: 6f782c7c0980c67cfc4f9862f9328d4ba2c94f8a
parent: 735a7b5b27dbc7a6b023ea60a80c9e93ede52718 [diff]
diff --git a/docs/threat_model/firmware_threat_model/threat_model.rst b/docs/threat_model/firmware_threat_model/threat_model.rst
index d93547f..63bdc8a 100644
--- a/docs/threat_model/firmware_threat_model/threat_model.rst
+++ b/docs/threat_model/firmware_threat_model/threat_model.rst

@@ -163,6 +163,15 @@
   ion beam (FIB) workstation or decapsulate the chip using chemicals) is
   considered out-of-scope.
 
+  Certain non-invasive physical attacks that do not need modifications to the
+  chip, notably those like Power Analysis Attacks, are out-of-scope. Power
+  analysis side-channel attacks represent a category of security threats that
+  capitalize on information leakage through a device's power consumption during
+  its normal operation. These attacks leverage the correlation between a
+  device's power usage and its internal data processing activities. This
+  correlation provides attackers with the means to extract sensitive
+  information, including cryptographic keys.
+
 Threat Types
 ============
commit	370f3d17ca69a9261354330ba946b39eeca974ca	[log] [tgz]
author	Manish V Badarkhe <Manish.Badarkhe@arm.com>	Mon Feb 12 11:56:56 2024 +0000
committer	Manish V Badarkhe <Manish.Badarkhe@arm.com>	Wed Feb 14 14:18:16 2024 +0000
tree	6f782c7c0980c67cfc4f9862f9328d4ba2c94f8a
parent	735a7b5b27dbc7a6b023ea60a80c9e93ede52718 [diff]