Access to a device is exploited to alter its function or cause
its function to be used in unanticipated ways. Examples include removing
shielding from a wire so as to cause more easily received electromagnetic
emanations, reprogramming a bus device to deny services at a hardware level,
and altering microcode so as to associate attacker-defined hardware functions
with otherwise unused operation codes.
Complexity: Since hardware devices
are, in general, at least as complex as software devices, the complexity of
detecting such a flaw would appear to be at least NP-complete. Injecting
such a flaw, on the other hand, appears to be quite simple - given physical
access to a device.
fc@red.a.net