The State of Fault Injection Vulnerability Detection

Abstract: Fault injection is a well known method to test the robustness and security vulnerabilities of software. Fault injections can be explored by simulations (cheap, but not validated) and hardware experiments (true, but very expensive). Recent simulation works have started to apply formal methods to the detection, analysis, and prevention of fault injection attacks to address verifiability. However, these approaches are ad-hoc and extremely limited in architecture, fault model, and breadth of application. Further, … Show more

“…In the past decade, multiple studies have focused on characterizing the effects of embedded software fault attacks on various platforms. While the results vary by platform, authors agree that most results can be explained by replacing the original instruction with a different one [10][11][12][13]. Hence, these results confirm empirically what we would expect to determine with SimpliFI in a simulation.…”

SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

“…In the past decade, multiple studies have focused on characterizing the effects of embedded software fault attacks on various platforms. While the results vary by platform, authors agree that most results can be explained by replacing the original instruction with a different one [10][11][12][13]. Hence, these results confirm empirically what we would expect to determine with SimpliFI in a simulation.…”

SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

Brief Announcement: Effectiveness of Code Hardening for Fault-Tolerant IoT Software

An end-to-end approach to identify and exploit multi-fault injection vulnerabilities on microcontrollers