Automatic Application of Software Countermeasures Against Physical Attacks

Abstract: While the number of embedded systems is continuously increasing, securing software against physical attacks is costly and error-prone. Several works proposed solutions that automatically insert protections against these attacks in order to reduce this cost and this risk of error. In this paper, we present a survey of existing approaches, and classify them by the level at which they apply the countermeasure. We consider three different levels: the source code level, the compilation level and the assembly/binary… Show more

“…• condition 1: all n-successful attack paths of P are detected in P ; • condition 2: P should not introduce new attack path at order less or equal than n. For instance the naive placement algorithm (Table V) protects all IPs in the program P with a vulnerability level of at least n + 1. This algorithm generalizes, in the context of robustness of order n, the approach implemented in many systematic countermeasures placement tools [24], [5], [19] against 1-fault. Proposition 1 holds in this case since no injection point of P can be bypassed in less than n + 1 faults (whatever is the attack objective S).…”

“…There exist tools adding countermeasures, generally at compilation-time. They are dedicated to particular fault models (data modification, instruction skip, flow integrity) [17], [26], [5], for instance by adding redundant checks or duplicating idempotent instructions. Nevertheless these tools generally target single fault robustness, where countermeasures themselves cannot be faulted.…”

A Compositional Methodology to Harden Programs Against Multi-Fault Attacks

“…• condition 1: all n-successful attack paths of P are detected in P ; • condition 2: P should not introduce new attack path at order less or equal than n. For instance the naive placement algorithm (Table V) protects all IPs in the program P with a vulnerability level of at least n + 1. This algorithm generalizes, in the context of robustness of order n, the approach implemented in many systematic countermeasures placement tools [24], [5], [19] against 1-fault. Proposition 1 holds in this case since no injection point of P can be bypassed in less than n + 1 faults (whatever is the attack objective S).…”

“…There exist tools adding countermeasures, generally at compilation-time. They are dedicated to particular fault models (data modification, instruction skip, flow integrity) [17], [26], [5], for instance by adding redundant checks or duplicating idempotent instructions. Nevertheless these tools generally target single fault robustness, where countermeasures themselves cannot be faulted.…”

A Compositional Methodology to Harden Programs Against Multi-Fault Attacks

Rewrite to Reinforce: Rewriting the Binary to Apply Countermeasures against Fault Injection

Maskara: Compilation of a Masking Countermeasure With Optimized Polynomial Interpolation