research-article Free Access
- Authors:
- Maryam Esmaeilian School of Computer Engineering, Iran University of Science and Technology (IUST), Iran
School of Computer Engineering, Iran University of Science and Technology (IUST), Iran
Search about this author
- Hakem Beitollahi School of Computer Engineering, Iran University of Science and Technology (IUST), Iran
School of Computer Engineering, Iran University of Science and Technology (IUST), Iran
Search about this author
Volume 104Issue CFeb 2024https://doi.org/10.1016/j.micpro.2023.104991
Published:17 April 2024Publication History
- 0citation
- 0
- Downloads
Metrics
Total Citations0Total Downloads0Last 12 Months0
Last 6 weeks0
- Get Citation Alerts
New Citation Alert added!
This alert has been successfully added and will be sent to:
You will be notified whenever a record that you have chosen has been cited.
To manage your alert preferences, click on the button below.
Manage my Alerts
New Citation Alert!
Please log in to your account
- Publisher Site
Volume 104, Issue C
PreviousArticleNextArticle
Abstract
Abstract
Today, the use of embedded processors is increasing dramatically and they are used in all aspects from our daily life to security applications. Physical access to hardware has made the hardware security a major concern. Hardware attacks compromise the hardware security by physically accessing target devices. Among the available techniques for hardware attacks, Fault Injection Attacks (FIAs), such as clock glitching, are one of the most harmful types of non-invasive attacks that can disrupt the operation of an embedded system. Thus, it will be important and fundamental to evaluate embedded software programs before using them in critical applications and check their vulnerability against fault injection attacks. However, it is often difficult for software developers to assess vulnerabilities. In this paper, an easy-to-use platform is presented to facilitate the process of evaluating the vulnerability of programs running on embedded processors against clock glitching attacks. Our experimental results show the vulnerability window of RISC-V micro-architecture for different high-level C-functions. The results of this research can help the developers of embedded systems that are used in security applications to evaluate their system against clock glitching attacks with the least cost in a short time.
References
- [1] Baheti R., Gill H., Cyber-physical systems, Impact Control Technol. 12 (1) (2011) 161–166.Google Scholar
- [2] Kazemi Z., Hely D., Fazeli M., Beroulle V., A review on evaluation and configuration of fault injection attack instruments to design attack resistant MCU-based IoT applications, Electronics 9 (7) (2020) 1153.Google Scholar
- [3] GitHub - r3glisss/SecPump: A wireless infusion pump system workbench for security research — github.com, 2022, https://github.com/r3glisss/SecPump. [Accessed 11-Dec-2022].Google Scholar
- [4] Kazemi Z., Papadimitriou A., Hely D., Fazcli M., Beroulle V.,
Hardware security evaluation platform for MCU-based connected devices: application to healthcare IoT , in: 2018 IEEE 3rd International Verification and Security Workshop (IVSW), IEEE, 2018, pp. 87–92.Google Scholar - [5] Barenghi A., Bertoni G., Parrinello E., Pelosi G.,
Low voltage fault attacks on the RSA cryptosystem , in: 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), IEEE, 2009, pp. 23–31.Google Scholar - [6] Potestad-Ordóñez F.E., Jiménez-Fernández C.J., Valencia-Barrero M., Vulnerability analysis of trivium fpga implementations, IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 25 (12) (2017) 3380–3389.Google Scholar
- [7] Thillard A., Prouff E., Roche T.,
Success through confidence: Evaluating the effectiveness of a side-channel attack , in: International Conference on Cryptographic Hardware and Embedded Systems, Springer, 2013, pp. 21–36.Google Scholar - [8] Overview ; ChipWhisperer 5.6.1 documentation — chipwhisperer.readthedocs.io, 2022, https://chipwhisperer.readthedocs.io/en/latest/getting-started.html. [Accessed 11-Dec-2022].Google Scholar
- [9] Karaklajić D., Schmidt J.-M., Verbauwhede I., Hardware designer’s guide to fault attacks, IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 21 (12) (2013) 2295–2306.Google Scholar
- [10] Piscitelli R., Bhasin S., Regazzoni F.,
Fault attacks, injection techniques and tools for simulation , in: Hardware Security and Trust, Springer, 2017, pp. 27–47.Google Scholar - [11] Barenghi A., Breveglieri L., Koren I., Naccache D., Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures, Proc. IEEE 100 (11) (2012) 3056–3076.Google Scholar
- [12] Amiel F., Clavier C., Tunstall M.,
Fault analysis of DPA-resistant algorithms , in: International Workshop on Fault Diagnosis and Tolerance in Cryptography, Springer, 2006, pp. 223–236.Google Scholar - [13] Agoyan M., Dutertre J.-M., Naccache D., Robisson B., Tria A.,
When clocks fail: On critical paths and clock faults , in: International Conference on Smart Card Research and Advanced Applications, Springer, 2010, pp. 182–193.Google Scholar - [14] Schmidt J.-M., Hutter M., Optical and em fault-attacks on crt-based rsa: concrete results, 2007.Google Scholar
- [15] Govindavajhala S., Appel A.W.,
Using memory errors to attack a virtual machine , in: 2003 Symposium on Security and Privacy, 2003, IEEE, 2003, pp. 154–165.Google Scholar - [16] Skorobogatov S.P., Semi-invasive attacks: a new approach to hardware security analysis, 2005.Google Scholar
- [17] Giraud C.,
Dfa on aes , in: International Conference on Advanced Encryption Standard, Springer, 2004, pp. 27–41.Google Scholar - [18] Colombier B., Grandamme P., Vernay J., Chanavat É., Bossuet L., Laulanié L.d., Chassagne B.,
Multi-spot laser fault injection setup: new possibilities for fault injection attacks , in: International Conference on Smart Card Research and Advanced Applications, Springer, 2021, pp. 151–166.Google Scholar - [19] Selmke B., Strieder E., Heyszl J., Freud S., Damm T.,
Breaking black box crypto-devices using laser fault injection , in: International Symposium on Foundations and Practice of Security, Springer, 2022, pp. 75–90.Google Scholar - [20] L. Claudepierre, P.-Y. Péneau, D. Hardy, E. Rohou, TRAITOR: a low-cost evaluation platform for multifault injection, in: Proceedings of the 2021 International Symposium on Advanced Security on Software and Systems, 2021, pp. 51–56.Google Scholar
- [21] Zhang M., Liu Q.,
A digital and lightweight delay-based detector against fault injection attacks , in: 2021 IEEE International Symposium on Circuits and Systems (ISCAS), IEEE, 2021, pp. 1–5.Google Scholar - [22] Balasch J., Gierlichs B., Verbauwhede I.,
An in-depth and black-box characterization of the effects of clock glitches on 8-bit MCUs , in: 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, IEEE, 2011, pp. 105–114.Google Scholar - [23] f*ckuda Y., Yoshida K., Fujino T., Fault injection attacks utilizing waveform pattern matching against neural networks processing on microcontroller, IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 105 (3) (2022) 300–310.Google Scholar
- [24] Martin H., Korak T., San Millán E., Hutter M., Fault attacks on STRNGs: Impact of glitches, temperature, and underpowering on randomness, IEEE Trans. Inf. Forensics Secur. 10 (2) (2014) 266–277.Google Scholar
- [25] O’flynn C., Chen Z.,
Chipwhisperer: An open-source platform for hardware embedded security research , in: Constructive Side-Channel Analysis and Secure Design: 5th International Workshop, COSADE 2014, Paris, France, April 13-15, 2014. Revised Selected Papers 5, Springer, 2014, pp. 243–260.Google Scholar - [26] Kazemi Z., Fault Injection Attacks on Embedded Applications: Characterization and Evaluation, (Ph.D. thesis) Université Grenoble Alpes [2020-....], 2022.Google Scholar
- [27] Waterman A., Lee Y., Patterson D.A., Asanovi K., The Risc-V Instruction Set Manual. Volume 1: User-Level Isa, Version 2.0, California Univ Berkeley Dept of Electrical Engineering and Computer Sciences, 2014.Google Scholar
- [28] Waterman A., Lee Y., Patterson D.A., Asanović K., The RISC-V Instruction Set Manual, Volume I: User-Level ISA, Version 2.1, EECS Department, University of California, Berkeley, 2016, URL http://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-118.html.Google Scholar
- [29] Documentation - SiFive — sifive.com, 2022, https://www.sifive.com/documentation. [Accessed 11-Dec-2022].Google Scholar
- [30] Kazemi Z., Fazeli M., Hely D., Beroulle V.,
Hardware security vulnerability assessment to identify the potential risks in a critical embedded application , in: 2020 IEEE 26th International Symposium on on-Line Testing and Robust System Design (IOLTS), IEEE, 2020, pp. 1–6.Google Scholar
Cited By
View all
Recommendations
- Inducing local timing fault through EM injection
DAC '18: Proceedings of the 55th Annual Design Automation Conference
Electromagnetic fault injection (EMFI) is an efficient class of physical attacks that can compromise the immunity of secure cryptographic algorithms. Despite successful EMFI attacks, the effects of electromagnetic injection (EM) on a processor are not ...
Read More
- Network Attack Injection
Read More
- Defeating with fault injection a combined attack resistant exponentiation
COSADE'13: Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Since the introduction of the side-channel and fault injection analysis late in the 90's, implementing cryptographic standards on embedded devices has become a difficult challenge. Developers were obliged to add new appropriate countermeasures into ...
Read More
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in
Full Access
Get this Article
- Information
- Contributors
Published in
Microprocessors & Microsystems Volume 104, Issue C
Feb 2024
111 pages
ISSN:0141-9331
Issue’s Table of Contents
Elsevier B.V.
Sponsors
In-Cooperation
Publisher
Elsevier Science Publishers B. V.
Netherlands
Publication History
- Published: 17 April 2024
Author Tags
- Hardware attack
- Hardware security
- Fault Injection Attack(FIA)
- Clock glitching
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics
- Bibliometrics
- Citations0
Article Metrics
- View Citations
Total Citations
Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet
Digital Edition
View this article in digital edition.
View Digital Edition
- Figures
- Other
Close Figure Viewer
Browse AllReturn
Caption
View Issue’s Table of Contents