ITU-T Recommendations

The goal of mobile terminal integrity protection is to ensure that a mobile terminal behaves in an expected manner. That means, hardware, firmware and software (e.g., operating system, pre-installed apps) on the mobile terminal have not been compromised by any means or in any way. If an attacker compromises firmware or software, or modifies the configuration of hardware (e.g., ROM, retention cells), or changes the hardware (e.g., flash memory), the attacker could control or subvert functionality of the mobile terminal.
When a mobile terminal switches on, it begins with a boot phase to verify hardware components and load one or more software modules. After that, the mobile terminal enters a runtime phase and reaches an operational state, in which the mobile terminal is ready for its intended purpose. To fix the vulnerabilities and weaknesses of firmware/software (FW/SW), the mobile terminal needs to be updated from time to time. This is called FW/SW update phase. Each of these phases is an opportunity for an attacker to introduce security threats to the integrity of mobile terminal.
Recommendation ITU-T X.1129 analyses security threats to mobile terminal during the boot phase, runtime phase and FW/SW update phase, and defines security requirements and provides security guidelines for mobile terminal integrity protection.