Test 1
Test Case: BIS-2.8.1
Test Name: TC_EVALUATE_FIRMWARE_UPDATE_SECURITY
Objective:
Verify, in the presence of the OEM team, the measures implemented in the device to make it resistant to time-of-check vs. time-of-use (TOCTOU) attacks.
Tools Used:
Wireshark (optional – for monitoring update traffic)
File Integrity Monitoring Scripts
SCP/SSH for file modification attempts
Logging tools / OEM debug console
Custom script to swap update binary mid-process (if applicable)
Test Execution Steps:
Initiate the firmware update process using a valid and signed image.
After the authenticity and integrity checks have passed but before installation begins, replace the verified firmware image with a tampered version.
Observe the device behavior:
Does it re-validate the image just before use?
Does it detect any manipulation?
Monitor update logs and security events generated by the system.
Attempt a real-time interception of the firmware file being loaded for update (e.g., via MITM or filesystem-level replacement).
Expected Results for Pass:
The device must re-validate the update file immediately before execution.
Any tampering after initial validation should be detected and blocked.
Device must abort or roll back the update.
Proper logs should be generated (e.g., hash mismatch, signature verification failure).
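The behaviour these pass criteria describe can be sketched as follows. This is an added example, not the OEM's updater or part of the test plan: the names install, run_case and between_check_and_use are hypothetical, a SHA-256 digest stands in for the device's signature verification, and the image is a constructed sample.

```python
import hashlib, os, tempfile

class UpdateAborted(Exception):
    """Raised when the staged image does not match the trusted digest."""

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def install(path, trusted_digest, log, between_check_and_use=None):
    """Hypothetical updater: check, then re-validate the exact bytes it installs."""
    # Phase 1: initial authenticity/integrity check (time of check).
    if sha256_file(path) != trusted_digest:
        log.append("initial check: hash mismatch")
        raise UpdateAborted("initial check failed")
    log.append("initial check: ok")
    if between_check_and_use:  # test hook: the window between check and use
        between_check_and_use(path)
    # Phase 2: read the image once and verify that same buffer (time of use).
    with open(path, "rb") as f:
        image = f.read()
    if hashlib.sha256(image).hexdigest() != trusted_digest:
        log.append("pre-install check: hash mismatch, update aborted")
        raise UpdateAborted("image changed after verification")
    log.append("pre-install check: ok")
    return image  # only these verified bytes go to the flash writer

def run_case(tamper):
    """Return (installed_bytes_or_None, log) for a constructed sample image."""
    good = b"FWv2" + bytes(range(256)) * 16     # constructed sample image
    trusted = hashlib.sha256(good).hexdigest()  # stands in for the signed digest
    log = []
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "update.bin")
        with open(path, "wb") as f:
            f.write(good)
        def swap(p):  # models the post-check replacement from the test steps
            with open(p, "wb") as f:
                f.write(good[:-1] + b"\x00")    # one byte altered
        try:
            return install(path, trusted, log, swap if tamper else None), log
        except UpdateAborted:
            return None, log
```

An updater that only ran phase 1 and then reopened the file by path for installation would hand the altered bytes to the flash writer, which is the failure this test case looks for.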
Test Observations:
(To be filled post-testing, e.g.):
Tampered firmware was detected and update was aborted.
Real-time signature validation observed during second phase of update.
No partial execution of tampered code occurred.
Evidence Provided:
Firmware update logs from DUT
Screenshots of failure or alert messages
Network captures or console outputs
Confirmation from OEM team
Test Case Result:
(Pass/Fail – based on DUT behavior and validation checks)
Overall Test Result:
(Pass/Fail – for Section 2.8 based on test case outcome)