Analyzing the Fault Injection Sensitivity of Secure Embedded Software

Yuce, Bilgiday; Ghalaty, Nahid Farhady; Deshpande, Chinmay; Santapuri, Harika; Patrick, Conor; Nazhandali, Leyla; Schaumont, Patrick

doi:10.1145/3063311

Cited by 5 publications

(5 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[6] assumes that a single fault only impacts a single instruction during the execution, but this is not the case. [17] and [18] show that in pipelined processors, a single fault impacts several pipeline stages and then several instructions, not only one. These software protections can be bypassed even with a single fault [19], [20], [21].i III.…”

Section: State Of the Artmentioning

confidence: 99%

Processor Extensions for Hardware Instruction Replay against Fault Injection Attacks

Manssour

Lapôtre

Gogniat

et al. 2022

2022 25th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS)

View full text Add to dashboard Cite

The paper explores hardware supports for replaying instructions to protect processors against some fault injection attacks. A replay instruction is added to the instruction set of a small 32-bit RISC processor to allow the automatic and parametrized replay of sequences of instructions. Various detection elements are added to the processor, implemented on FPGA, and compared in terms of performances, cost and fault coverage. The proposed extension leads to significant improvements compared to software protections for a small silicon overhead.

show abstract

Section: State Of the Artmentioning

confidence: 99%

Processor Extensions for Hardware Instruction Replay against Fault Injection Attacks

Manssour

Lapôtre

Gogniat

et al. 2022

2022 25th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS)

View full text Add to dashboard Cite

show abstract

“…Microarchitecture-Aware Fault Injection Attacks (MAFIA) [18] are an effort to raise the abstraction level of fault injection simulation. MAFIA first profiles the target device in simulation to learn how clock glitch attacks affect the execution of different instructions.…”

Section: Related Workmentioning

confidence: 99%

SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

Grycel

Schaumont

2021

Cryptography

Self Cite

View full text Add to dashboard Cite

Fault injection simulation on embedded software is typically captured using a high-level fault model that expresses fault behavior in terms of programmer-observable quantities. These fault models hide the true sensitivity of the underlying processor hardware to fault injection, and they are unable to correctly capture fault effects in the programmer-invisible part of the processor microarchitecture. We present SimpliFI, a simulation methodology to test fault attacks on embedded software using a hardware simulation of the processor running the software. We explain the purpose and advantage of SimpliFI, describe automation of the simulation framework, and apply SimpliFI on a BRISC-V embedded processor running an AES application.

show abstract

“…To provide comprehensive coverage of the attack surface, software-only mitigation techniques are insufficient [3,4,29]. This is because microarchitectural aspects of the processor such as pipeline effects, cache effects, and physical implementation are invisible to the software countermeasures.…”

Section: Mitigations Against Fault Attacksmentioning

confidence: 99%

“…In the evaluation we assume injection of biased faults in the loaded values, as loaded values have the largest critical section. [4] Figures 5 and 6 show the performance impact with respect to a baseline with no value prediction (and no attacks). Table 4 reports both the average speedup and the range of speedups (indicating the minimum and maximum speedups of benchmarks within each benchmark suite.)…”

Section: Vpsecmentioning

confidence: 99%

See 1 more Smart Citation

Improving Performance and Mitigating Fault Attacks Using Value Prediction

Sheikh

Cammarota

2018

Cryptography

View full text Add to dashboard Cite

We present Value Prediction for Security (VPsec), a novel hardware-only framework to counter fault attacks in modern microprocessors, while preserving the performance benefits of Value Prediction (VP.) VP is an elegant and hitherto mature microarchitectural performance optimization, which aims to predict the data value ahead of the data production with high prediction accuracy and coverage. Instances of VPsec leverage the state-of-the-art Value Predictors in an embodiment and system design to mitigate fault attacks in modern microprocessors. Specifically, VPsec implementations re-architect any baseline VP embodiment with fault detection logic and reaction logic to mitigate fault attacks to both the datapath and the value predictor itself. VPsec also defines a new mode of execution in which the predicted value is trusted rather than the produced value. From a microarchitectural design perspective, VPsec requires minimal hardware changes (negligible area and complexity impact) with respect to a baseline that supports VP, it has no software overheads (no increase in memory footprint or execution time), and it retains most of the performance benefits of VP under realistic attacks. Our evaluation of VPsec demonstrates its efficacy in countering fault attacks, as well as its ability to retain the performance benefits of VP on cryptographic workloads, such as OpenSSL, and non-cryptographic workloads, such as SPEC CPU 2006/2017.

show abstract

Analyzing the Fault Injection Sensitivity of Secure Embedded Software

Cited by 5 publications

References 31 publications

Processor Extensions for Hardware Instruction Replay against Fault Injection Attacks

Processor Extensions for Hardware Instruction Replay against Fault Injection Attacks

SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

Improving Performance and Mitigating Fault Attacks Using Value Prediction

Contact Info

Product

Resources

About