Pin Multiplexing Attack
Embedded SoCs usually employ hundreds of pins connected to the electrical circuit. Some of these pins have a single defined purpose; for example, some only provide electricity or a clock signal. Since different equipment vendors with diverse I/O requirements will use these SoCs, the SoC manufacturer designs its SoCs so that a given physical pin can serve multiple mutually exclusive functionalities, depending on the application. The concept of redefining the functionality of the pin is called Pin Multiplexing and is one of the necessary specifications of the SoC design. Regarding the interaction of Pin Multiplexing with the OS, SoC vendors recommend multiplexing the pins only during startup, since there is no interrupt for multiplexing. However, the user can still multiplex a pin at runtime, and there is no limitation on that.
The current design of Pin Multiplexing at the hardware level raises security questions. For example, assume that an application uses a particular peripheral controller connected to a pin with a particular multiplexing setup. At some point a second application changes the multiplexing setup of the pin used by the first application. Once the pin is multiplexed, the physical connection to the first peripheral controller is disconnected. However, since there is no interrupt at the hardware level, the OS will assume that the first peripheral controller is still available. Thus, the OS will continue to carry out the write and read operations requested by the application without any error.
Changing the functionality of a pin connected to the I/O at runtime is called a Pin Multiplexing Attack.
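
The silent failure described above, together with a polled check that compensates for the missing interrupt, as an added example that is not part of the original text. It is a simulation: the register array, the pin number and all function names are hypothetical and do not describe a real SoC.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simulated SoC with one mux-select value per pin (hypothetical, no real part). */
enum pin_func { FUNC_GPIO = 0, FUNC_UART = 1, FUNC_PWM = 2 };
#define NUM_PINS 8
#define PWM_PIN  3
static uint8_t mux_reg[NUM_PINS];   /* stands in for the pin-control registers */
static uint8_t baseline[NUM_PINS];  /* trusted copy recorded once at startup */
uint32_t pwm_duty;                  /* stands in for the PWM controller register */

/* Startup: multiplex the pins, then record the result as the baseline. */
void mux_init(void) {
    for (size_t i = 0; i < NUM_PINS; i++) mux_reg[i] = FUNC_GPIO;
    mux_reg[PWM_PIN] = FUNC_PWM;
    for (size_t i = 0; i < NUM_PINS; i++) baseline[i] = mux_reg[i];
}

/* Runtime remux: the register changes and nothing notifies the OS or driver. */
void mux_set(size_t pin, enum pin_func f) {
    if (pin < NUM_PINS) mux_reg[pin] = (uint8_t)f;
}

/* Unchecked write: reports success even if the pin is no longer routed here. */
int pwm_write(uint32_t duty) { pwm_duty = duty; return 0; }

/* Polled audit, since no interrupt exists: bitmask of pins off baseline. */
uint32_t mux_audit(void) {
    uint32_t changed = 0;
    for (size_t i = 0; i < NUM_PINS; i++)
        if (mux_reg[i] != baseline[i]) changed |= 1u << i;
    return changed;
}

/* Checked write: verify the routing first and fail instead of writing blind. */
int pwm_write_checked(uint32_t duty) {
    if (mux_reg[PWM_PIN] != FUNC_PWM) return -1;
    return pwm_write(duty);
}

int main(void) {
    mux_init();
    printf("before: write=%d audit=0x%02x\n", pwm_write(50), (unsigned)mux_audit());
    mux_set(PWM_PIN, FUNC_GPIO);   /* second application remuxes the pin */
    printf("after:  write=%d audit=0x%02x checked=%d\n",
           pwm_write(75), (unsigned)mux_audit(), pwm_write_checked(75));
    return 0;
}
```

The unchecked write keeps returning success after the remux, which is the behaviour the text attributes to the OS; only the audit and the checked write notice the change.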