FIVER – Robust Verification of Countermeasures against Fault Injections

Richter-Brockmann, Jan; Shahmirzadi, Aein Rezaei; Sasdrich, Pascal; Moradi, Amir; Güneysu, Tim

doi:10.46586/tches.v2021.i4.447-473

Cited by 19 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Formal analysis methods are mathematical procedures used in software verification. The authors of [34,36,54] utilized model-checking methods to analyze cryptography software for vulnerabilities. Given-Wilson et al [8] described a framework for run-time verification of fault-injected software binaries using model checking to validate the expected software properties defined as variables and constants at certain positions in the software.…”

Section: Software Vulnerability Analysismentioning

confidence: 99%

“…Although simulated processor-level modifications allow microarchitecturallevel tools to simulate effects that closely replicate actual hardware effects of fault injection attacks, instruction-level tools are easier to implement as they directly modify the assembly instructions and do not require knowledge of the processor architecture and working. Much of the literature has utilized simulation tools for the vulnerability analysis of safety-critical IoT software, such as cryptography software, password-checking procedures, and device firmware [23,30,34,36,62]. However, fault injection attacks can also affect the application software of an IoT system.…”

Section: Software Vulnerability Analysismentioning

confidence: 99%

“…Potet et al [31] analyzed the control flow graphs generated dynamically from the fault-injected executables. The techniques used in the literature to analyze the software fault injection output include model checking [34,36,54] and machine learning [7,33,55]. Model-checking methods utilize certain pre-defined model properties of the IoT software, such as security variables.…”

Section: Software Vulnerability Analysismentioning

confidence: 99%

See 2 more Smart Citations

A Systematic Review of Fault Injection Attacks on IoT Systems

2022

View full text Add to dashboard Cite

The field of the Internet of Things (IoT) is growing at a breakneck pace and its applications are becoming increasingly sophisticated with time. Fault injection attacks on IoT systems are aimed at altering software behavior by introducing faults into the hardware devices of the system. Attackers introduce glitches into hardware components, such as the clock generator, microcontroller, and voltage source, which can affect software functioning, causing it to misbehave. The methods proposed in the literature to handle fault injection attacks on IoT systems vary from hardware-based attack detection using system-level properties to analyzing the IoT software for vulnerabilities against fault injection attacks. This paper provides a systematic review of the various techniques proposed in the literature to counter fault injection attacks at both the system level and the software level to identify their limitations and propose solutions to address them. Hybrid attack detection methods at the software level are proposed to enhance the security of IoT systems against fault injection attacks. Solutions to the identified limitations are suggested using machine learning, dynamic code instrumentation tools, hardware emulation platforms, and concepts from the software testing domain. Future research possibilities, such as the use of software fault injection tools and supervised machine learning for attack detection at the software level, are investigated.

show abstract

Section: Software Vulnerability Analysismentioning

confidence: 99%

Section: Software Vulnerability Analysismentioning

confidence: 99%

Section: Software Vulnerability Analysismentioning

confidence: 99%

See 1 more Smart Citation

A Systematic Review of Fault Injection Attacks on IoT Systems

2022

View full text Add to dashboard Cite

show abstract

“…The target audience for this paper is developers of general-purpose software and not specifically cryptographic implementations. Although many fault simulators [1,5,6,14,[16][17][18]24,[26][27][28][29]31,33] can verify the implementations of cryptographic algorithms, we exclude them in this work because there is already an overview of such tools [4]. We found four fault simulators in the public domain suitable for such a developer, namely FiSim [25], ZOFI [23], ARMORY [13] and ARCHIE [12].…”

Section: Introductionmentioning

confidence: 99%

SoK: Assisted Fault Simulation

Adhikary,

Buhan

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Fault injection attacks have caused implementations to behave unexpectedly, resulting in a spectacular bypass of security features and even the extraction of cryptographic keys. Clearly, developers want to ensure the robustness of the software against faults and eliminate production weaknesses that could lead to exploitation. Several fault simulators have been released that promise cost-effective evaluations against fault attacks. In this paper, we set out to discover how suitable such tools are, for a developer who wishes to create robust software against fault attacks. We found four open-source fault simulators that employ different techniques to navigate faults, which we objectively compare and discuss their benefits and drawbacks. Unfortunately, none of the four open-source fault simulators employ artificial intelligence (AI) techniques. However, AI was successfully applied to improve the fault simulation of cryptographic algorithms, though none of these tools is open source. We suggest improvements to open-source fault simulators inspired by the AI techniques used by cryptographic fault simulators.

show abstract

“…However, it is critical to ensure the protection of these detectors themselves against potential FIAs. There is a bunch of research work on the vulnerability of detectors [8] [9] to various types of Fault Injection Attacks (FIAs) as well as methods for protecting them. All of them assume that the detector is connected to the power supply, but none of them have been evaluated against FIA when the power is off.…”

Section: Introductionmentioning

confidence: 99%

Experimental Evaluation of Delayed-Based Detectors Against Power-off Attack

Esmaeilian,

Douadi,

Kazemi

et al. 2023

2023 IEEE 29th International Symposium on on-Line Testing and Robust System Design (IOLTS)

View full text Add to dashboard Cite

Embedded systems are vulnerable to significant security threats from Fault Injection Attacks (FIAs), which allow attackers to gain access to confidential information. While various attack detectors have been proposed in the literature to detect different types of FIAs, these detectors themselves are susceptible to such attacks and can be compromised. Hence, the robustness of these detectors is critical in maintaining the security of embedded systems. The focus of this study is to evaluate the robustness of digital circuits and delay-based digital detectors against a new type of FIA called Power-Off Attack (POA). POA occurs when the power to the chip is turned off, and the detectors are not active. Following a POA attack, the circuit or its detectors may not function properly when the power is turned back on, which can allow other attacks to be applied without being detected if the detectors are less sensitive. This study implements two detectors on Xilinx Artix-7 FPGAs and examines the impact of heating cycles on detector characteristics when the FPGA is in various states, including power-off, power-on, and inactive states (such as clock-freezing mode). Our experiments reveal that heating cycles in power-off mode can alter the FPGA component delays and the accuracy of its detectors, which highlights the vulnerability of these systems to POA and potential issues for embedded system security.

show abstract

FIVER – Robust Verification of Countermeasures against Fault Injections

Cited by 19 publications

References 21 publications

A Systematic Review of Fault Injection Attacks on IoT Systems

A Systematic Review of Fault Injection Attacks on IoT Systems

SoK: Assisted Fault Simulation

Experimental Evaluation of Delayed-Based Detectors Against Power-off Attack

Contact Info

Product

Resources

About