The security of a Public Key Infrastructure (PKI) system, which uses X.509 certificates, is fundamentally based on the secrecy of the private key. To spoof a device's management portal with a trusted certificate, an attacker must possess the corresponding private key. If this key is stored in an unsecure, readable location like non-volatile flash memory without proper encryption or hardware protection (e.g., a Trusted Platform Module or Secure Element), an attacker can extract it. With the private key, the attacker can impersonate the device, decrypt traffic, and successfully spoof its identity to clients.

A. Bootloader code is stored in unsecure flash memory: This is a critical vulnerability that can lead to a full system compromise, but it is an indirect cause. The attacker would first need to exploit this to then access the private key.

B. The portal's certificate is stored in unsecure flash memory: The certificate contains the public key and is, by design, public information. Storing it in an unsecure location does not create a vulnerability for spoofing.

D. Firmware is loaded from flash using unsecure object references: This vulnerability could allow an attacker to load malicious firmware, but like the bootloader issue, it is a potential attack vector to gain access, not the direct cause of the certificate compromise itself.

1. National Institute of Standards and Technology (NIST). (2020). IoT Device Cybersecurity Capability Core Baseline (NISTIR 8259A).

Reference: Section 3.2.3

"Data Protection

" Capability: "The device can protect the data it stores from unauthorized access and modification." The discussion notes emphasize protecting sensitive data stored on the device

such as keys and credentials. Storing a private key in unsecure flash violates this core capability.

2. OWASP Foundation. (2018). OWASP Internet of Things Top 10 - 2018.

Reference: Section "I5 - Insecure Data Storage." This document explicitly lists "private keys" as sensitive information that is often stored insecurely on IoT devices or in their mobile applications. The document states that a lack of encryption or access control for this data is a primary cause of compromise.

3. Purdue University. (n.d.). ECE 565: Computer and Network Security - Lecture 15: Embedded Systems Security.

Reference: Course lecture slides on Embedded Systems Security. The material discusses threats to embedded systems

including the extraction of cryptographic keys from non-volatile memory (flash). It highlights that if keys are not protected by a hardware security module (HSM) or secure element

they are vulnerable to physical and software-based extraction attacks.