PD ISO/IEC TS 30104:2015
Current
The latest, up-to-date edition.
Information Technology. Security Techniques. Physical Security Attacks, Mitigation Techniques and Security Requirements
Hardcopy , PDF
English
31-05-2015
Important note : Users cannot be edited or removed once added to your Multi user PDF.
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Physical security
6 Physical security invasive mechanisms
7 Physical security invasive attacks and defences
8 Physical security non-invasive mechanisms
9 Physical security non-invasive attacks and defences
10 Operating Envelope Concept
11 Development, delivery and operation considerations
12 Physical security evaluation and testing
Annex A (informative) - Example of a physical security design
Bibliography
Describes the following topics: - a survey of physical security attacks directed against different types of hardware embodiments including a description of known physical attacks, ranging from simple attacks that require minimal skill or resources, to complex attacks that require trained, technical people and considerable resources; - guidance on the principles, best practices and techniques for the design of tamper protection mechanisms and methods for the mitigation of those attacks; and - guidance on the evaluation or testing of hardware tamper protection mechanisms and references to current standards and test programs that address hardware tamper evaluation and testing.
| Committee |
IST/33/3
|
| DocumentType |
Standard
|
| Pages |
42
|
| PublisherName |
British Standards Institution
|
| Status |
Current
|
Physical security mechanisms are employed by cryptographic modules where the protection of the modules sensitive security parameters is desired. This Technical Specification addresses how security assurance can be stated for products where the risk of the security environment requires the support of such mechanisms. This Technical Specification addresses the following topics:
a survey of physical security attacks directed against different types of hardware embodiments including a description of known physical attacks, ranging from simple attacks that require minimal skill or resources, to complex attacks that require trained, technical people and considerable resources;
guidance on the principles, best practices and techniques for the design of tamper protection mechanisms and methods for the mitigation of those attacks; and
guidance on the evaluation or testing of hardware tamper protection mechanisms and references to current standards and test programs that address hardware tamper evaluation and testing.
The information in this Technical Specification is useful for product developers designing hardware security implementations, and testing or evaluation of the final product. The intent is to identify protection methods and attack methods in terms of complexity, cost and risk to the assets being protected. In this way cost effective protection can be produced across a wide range of systems and needs.
| Standards | Relationship |
| ISO/IEC TS 30104:2015 | Identical |
| ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
| ISO/IEC 24759:2017 | Information technology Security techniques Test requirements for cryptographic modules |
| ISO/IEC 18045:2008 | Information technology — Security techniques — Methodology for IT security evaluation |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.