Adversaries may target the trusted execution environment, such as the vehicle's secure boot process or cryptographic keys, to modify the system's behavior and maintain their presence within the vehicle's network. By tampering with these trusted components, adversaries can ensure that their unauthorized access and control persist even after reboots or software updates. This allows them to continue malicious activities, such as intercepting or manipulating vehicle communication, compromising safety systems, or stealing sensitive data.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.