docs(threat_model): mark power analysis threats out-of-scope Exclude the threat of power analysis side-channel attacks from consideration in the TF-A generic threat model. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I5b245f33609fe8948e473ce4484898db5ff8db4d (cherry picked from commit 077d8b39bc982bb86bd1a78a5ff0d98a8a6d4c1b)

commit: 11cb0962f7ac35cfecd8e731cee4e7b6095c0faa [log] [tgz]
author: Manish V Badarkhe <Manish.Badarkhe@arm.com> Mon Feb 12 11:56:56 2024 +0000
committer: Yann Gautier <yann.gautier@st.com> Fri Mar 08 19:07:37 2024 +0100
tree: b1263b721e143aa898f19f4b7428dc06c9b7dd28
parent: 3e3ff298a61473ce7536484a592fa74670b1ae84 [diff] [blame]
diff --git a/docs/threat_model/threat_model.rst b/docs/threat_model/threat_model.rst
index 0da2558..58ca281 100644
--- a/docs/threat_model/threat_model.rst
+++ b/docs/threat_model/threat_model.rst

@@ -161,6 +161,15 @@
   ion beam (FIB) workstation or decapsulate the chip using chemicals) is
   considered out-of-scope.
 
+  Certain non-invasive physical attacks that do not need modifications to the
+  chip, notably those like Power Analysis Attacks, are out-of-scope. Power
+  analysis side-channel attacks represent a category of security threats that
+  capitalize on information leakage through a device's power consumption during
+  its normal operation. These attacks leverage the correlation between a
+  device's power usage and its internal data processing activities. This
+  correlation provides attackers with the means to extract sensitive
+  information, including cryptographic keys.
+
 Threat Types
 ============
commit	11cb0962f7ac35cfecd8e731cee4e7b6095c0faa	[log] [tgz]
author	Manish V Badarkhe <Manish.Badarkhe@arm.com>	Mon Feb 12 11:56:56 2024 +0000
committer	Yann Gautier <yann.gautier@st.com>	Fri Mar 08 19:07:37 2024 +0100
tree	b1263b721e143aa898f19f4b7428dc06c9b7dd28
parent	3e3ff298a61473ce7536484a592fa74670b1ae84 [diff] [blame]