This paper analyzes the specification and secure vulnerabilities of PCI Express and presents a method to add a different functionality to the Expansion ROM image.The additional code can be injected into the Expansion ROM image because of the flaw in the integrity protection.The added code in the re-flashed Expansion ROM can tamper system Startup module and attack the kernel during its execution.A targeted experimental scenario is designed to prove the effect of the flaw in PCI Express.In the end,the detection methods and solutions are proposed to solve these issues.
展开▼
