Hardware Trojans – Attack Models
Whenever I am involved in a discussion about Hardware Trojans most questions are focused on the following topics / problems:
what would a professional attack look like?
how realistic is the attack by interfering with an integrated circuit?
and finally, is it even a real threat?
These questions will be discussed in that order. The Trojan-related attack models for integrated circuits are closely linked to the supply chain and the contractors in the silicon production process. Currently, microelectronics uses the so-called foundry model, which separates the production of chips (silicon) from the design of integrated circuits. The manufacturing is carried out by separate companies or business units within the same organization. This model takes its name from a similar process in the automotive industry (and heavy industry) where the design of the vehicle (machine) is done by companies and institutions other than steelworks and foundries. Sometimes a very large car company can afford to buy a steelwork, or a steelwork has shares of a car company. An example of analogy in the world of electronics would be Intel, which does both, designs and manufactures integrated circuits.[…]
https://adamkostrzewa.github.io/jekyll/update/2018/06/19/fabless-companies-en.html
Firmware Security 