SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

Jacob Grycel; Patrick Schaumont

doi:10.3390/cryptography5020015

SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

Cryptography ◽

10.3390/cryptography5020015 ◽

2021 ◽

Vol 5 (2) ◽

pp. 15

Author(s):

Jacob Grycel ◽

Patrick Schaumont

Keyword(s):

Fault Injection ◽

Embedded Software ◽

Fault Models ◽

Simulation Framework ◽

Embedded Processor ◽

Fault Attacks ◽

Simulation Methodology ◽

Fault Behavior ◽

Injection Simulation ◽

High Level

Fault injection simulation on embedded software is typically captured using a high-level fault model that expresses fault behavior in terms of programmer-observable quantities. These fault models hide the true sensitivity of the underlying processor hardware to fault injection, and they are unable to correctly capture fault effects in the programmer-invisible part of the processor microarchitecture. We present SimpliFI, a simulation methodology to test fault attacks on embedded software using a hardware simulation of the processor running the software. We explain the purpose and advantage of SimpliFI, describe automation of the simulation framework, and apply SimpliFI on a BRISC-V embedded processor running an AES application.

Download Full-text

FEDS: Comprehensive Fault Attack Exploitability Detection for Software Implementations of Block Ciphers

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2020.i2.272-299 ◽

2020 ◽

pp. 272-299

Author(s):

Keerthi K ◽

Indrani Roy ◽

Chester Rebeiro ◽

Aritra Hazra ◽

Swarup Bhunia

Keyword(s):

Fault Injection ◽

Comprehensive Assessment ◽

Fault Models ◽

Fault Attacks ◽

Fault Attack ◽

Injection Attacks ◽

Wide Range ◽

Software Implementations ◽

Implementation Level ◽

Automated Tools

Fault injection attacks are one of the most powerful forms of cryptanalytic attacks on ciphers. A single, precisely injected fault during the execution of a cipher like the AES, can completely reveal the key within a few milliseconds. Software implementations of ciphers, therefore, need to be thoroughly evaluated for such attacks. In recent years, automated tools have been developed to perform these evaluations. These tools either work on the cipher algorithm or on their implementations. Tools that work at the algorithm level can provide a comprehensive assessment of fault attack vulnerability for different fault attacks and with different fault models. Their application is, however, restricted because every realization of the cipher has unique vulnerabilities. On the other hand, tools that work on cipher implementations have a much wider application but are often restricted by the range of fault attacks and the number of fault models they can evaluate.In this paper, we propose a framework, called FEDS, that uses a combination of compiler techniques and model checking to merge the advantages of both, algorithmic level tools as well as implementation level tools. Like the algorithmic level tools, FEDS can provide a comprehensive assessment of fault attack exploitability considering a wide range of fault attacks and fault models. Like implementation level tools, FEDS works with implementations, therefore has wide application. We demonstrate the versatility of FEDS by evaluating seven different implementations of AES (including bitsliced implementation) and implementations of CLEFIA and CAMELLIA for Differential Fault Attacks. The framework automatically identifies exploitable instructions in all implementations. Further, we present an application of FEDS in a Fault Attack Aware Compiler, that can automatically identify and protect exploitable regions of the code. We demonstrate that the compiler can generate significantly more efficient code than a naïvely protected equivalent, while maintaining the same level of protection.

Download Full-text

Analysis of Single Event Effects on Embedded Processor

Electronics ◽

10.3390/electronics10243160 ◽

2021 ◽

Vol 10 (24) ◽

pp. 3160

Author(s):

Sarah Azimi ◽

Corrado De Sio ◽

Daniele Rizzieri ◽

Luca Sterpone

Keyword(s):

High Performance ◽

Fault Injection ◽

Fault Models ◽

Single Event ◽

Embedded Processor ◽

Single Event Effects ◽

Software Application ◽

Software Applications ◽

Radiation Induced ◽

The Impact

The continuous scaling of electronic components has led to the development of high-performance microprocessors which are even suitable for safety-critical applications where radiation-induced errors, such as single event effects (SEEs), are one of the most important reliability issues. This work focuses on the development of a fault injection environment capable of analyzing the impact of errors on the functionality of an ARM Cortex-A9 microprocessor embedded within a Zynq-7000 AP-SoC, considering different fault models affecting both the system memory and register resources of the embedded processor. We developed a novel Python-based fault injection platform for the emulation of radiation-induced faults within the AP-SoC hardware resources during the execution of software applications. The fault injection approach is not intrusive, and it does not require modifying the software application under evaluation. The experimental analyses have been performed on a subset of the MiBench benchmark software suite. Fault injection results demonstrate the capability of the developed method and the possibility of evaluating various sets of fault models.

Download Full-text

One-IPC high-level simulation of microthreaded many-core architectures

The International Journal of High Performance Computing Applications ◽

10.1177/1094342015584495 ◽

2016 ◽

Vol 31 (2) ◽

pp. 152-162 ◽

Cited By ~ 3

Author(s):

Irfan Uddin

Keyword(s):

Design Space Exploration ◽

Instruction Set ◽

Efficient Design ◽

Simulation Framework ◽

Fine Grained ◽

Detailed Simulation ◽

High Level ◽

Many Core ◽

The Cost ◽

Multiple Clusters

The microthreaded many-core architecture is comprised of multiple clusters of fine-grained multi-threaded cores. The management of concurrency is supported in the instruction set architecture of the cores and the computational work in application is asynchronously delegated to different clusters of cores, where the cluster is allocated dynamically. Computer architects are always interested in analyzing the complex interaction amongst the dynamically allocated resources. Generally a detailed simulation with a cycle-accurate simulation of the execution time is used. However, the cycle-accurate simulator for the microthreaded architecture executes at the rate of 100,000 instructions per second, divided over the number of simulated cores. This means that the evaluation of a complex application executing on a contemporary multi-core machine can be very slow. To perform efficient design space exploration we present a co-simulation environment, where the detailed execution of instructions in the pipeline of microthreaded cores and the interactions amongst the hardware components are abstracted. We present the evaluation of the high-level simulation framework against the cycle-accurate simulation framework. The results show that the high-level simulator is faster and less complicated than the cycle-accurate simulator but with the cost of losing accuracy.

Download Full-text

Fault Injection Simulation: A Variance Reduction Technique for Systems with Rare Events

Dependable Computing for Critical Applications 2 - Dependable Computing and Fault-Tolerant Systems ◽

10.1007/978-3-7091-9198-9_6 ◽

1992 ◽

pp. 115-134 ◽

Cited By ~ 1

Author(s):

Aad P. A. van Moorsel ◽

Boudewijn R. Haverkort ◽

Ignas G. Niemegeers

Keyword(s):

Variance Reduction ◽

Rare Events ◽

Fault Injection ◽

Reduction Technique ◽

Variance Reduction Technique ◽

Injection Simulation

Download Full-text

Analyzing the Fault Injection Sensitivity of Secure Embedded Software

ACM Transactions on Embedded Computing Systems ◽

10.1145/3063311 ◽

2017 ◽

Vol 16 (4) ◽

pp. 1-25 ◽

Cited By ~ 2

Author(s):

Bilgiday Yuce ◽

Nahid Farhady Ghalaty ◽

Chinmay Deshpande ◽

Harika Santapuri ◽

Conor Patrick ◽

...

Keyword(s):

Fault Injection ◽

Embedded Software

Download Full-text

Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation

Journal of Hardware and Systems Security ◽

10.1007/s41635-018-0038-1 ◽

2018 ◽

Vol 2 (2) ◽

pp. 111-130 ◽

Cited By ~ 18

Author(s):

Bilgiday Yuce ◽

Patrick Schaumont ◽

Marc Witteman

Keyword(s):

Embedded Software ◽

Fault Attacks

Download Full-text

A Review on Evaluation and Configuration of Fault Injection Attack Instruments to Design Attack Resistant MCU-Based IoT Applications

Electronics ◽

10.3390/electronics9071153 ◽

2020 ◽

Vol 9 (7) ◽

pp. 1153

Author(s):

Zahra Kazemi ◽

David Hely ◽

Mahdi Fazeli ◽

Vincent Beroulle

Keyword(s):

Fault Injection ◽

Low Cost ◽

Security And Privacy ◽

Production Cycle ◽

Fault Attacks ◽

Primary Means ◽

Level Of Knowledge ◽

Iot Devices ◽

Fault Injection Attack ◽

Evaluation Platform

The Internet-of-Things (IoT) has gained significant importance in all aspects of daily life, and there are many areas of application for it. Despite the rate of expansion and the development of infrastructure, such systems also bring new concerns and challenges. Security and privacy are at the top of the list and must be carefully considered by designers and manufacturers. Not only do the devices need to be protected against software and network-based attacks, but proper attention must also be paid to recently emerging hardware-based attacks. However, low-cost unit software developers are not always sufficiently aware of existing vulnerabilities due to these kinds of attacks. To tackle the issue, various platforms are proposed to enable rapid and easy evaluation against physical attacks. Fault attacks are the noticeable type of physical attacks, in which the normal and secure behavior of the targeted devices is liable to be jeopardized. Indeed, such attacks can cause serious malfunctions in the underlying applications. Various studies have been conducted in other research works related to the different aspects of fault injection. Two of the primary means of fault attacks are clock and voltage fault injection. These attacks can be performed with a moderate level of knowledge, utilizing low-cost facilities to target IoT systems. In this paper, we explore the main parameters of the clock and voltage fault generators. This can help hardware security specialists to develop an open-source platform and to evaluate their design against such attacks. The principal concepts of both methods are studied for this purpose. Thereafter, we conclude our paper with the need for such an evaluation platform in the design and production cycle of embedded systems and IoT devices.

Download Full-text

An Efficient Erection Simulation Methodology for the Modular Construction of Offshore Platform Based on Points Cloud Data

Volume 1: Offshore Technology; Offshore Geotechnics ◽

10.1115/omae2015-41249 ◽

2015 ◽

Author(s):

Jung Kwan Seo ◽

Deok Eun Kim

Keyword(s):

Laser Scanning ◽

Three Dimensional ◽

Measurement Data ◽

Construction Process ◽

Modular Construction ◽

Simulation Framework ◽

Simulation Methodology ◽

Cloud Data ◽

Simulation Techniques ◽

Simulation Systems

Requests for the accurate planning of the erection process using modelling and simulation techniques have recently increased in many engineering fields, including shipbuilding and the offshore industries. In this study, an efficient erection simulation framework is proposed based on three-dimensional (3-D) measurement data that can support the development of various simulation systems for modular construction planning in the offshore and shipbuilding industries. The proposed simulation framework can be used to predict the erection state to optimise any gap, weak point and/or overlap of the modular construction process on the basis of 3-D laser scanning measurement data. To evaluate the efficiency and applicability of the proposed simulation framework, the framework is applied to the drillship modular erection process. The results show that the proposed simulation framework provides a consistent, integrated developmental environment for an erection process in the offshore industries. In addition, it can be expected that the time costs and risks of on-site fatality associated with the erection process will be reduced.

Download Full-text

SWAN: high-level simulation methodology for digital substrate noise generation

IEEE Transactions on Very Large Scale Integration (VLSI) Systems ◽

10.1109/tvlsi.2005.863191 ◽

2006 ◽

Vol 14 (1) ◽

pp. 23-33 ◽

Cited By ~ 20

Author(s):

M. Badaroglu ◽

G. Van der Plas ◽

P. Wambacq ◽

S. Donnay ◽

G.G.E. Gielen ◽

...

Keyword(s):

Noise Generation ◽

Substrate Noise ◽

Simulation Methodology ◽

High Level

Download Full-text

Software Fault Injection Testing of the Embedded Software of a Satellite Launch Vehicle

IEEE Potentials ◽

10.1109/mpot.2012.2236150 ◽

2013 ◽

Vol 32 (5) ◽

pp. 38-44 ◽

Cited By ~ 2

Author(s):

A. Samuel ◽

N. Jayalal ◽

B. Valsa ◽

C. A. Ignatious ◽

J. Zachariah

Keyword(s):

Fault Injection ◽

Embedded Software ◽

Launch Vehicle ◽

Software Fault ◽

Satellite Launch Vehicle

Download Full-text