Abstract
With the widespread use of embedded system devices, hardware designers and software developers started paying more attention to security issues in order to protect these devices from potential threats. Physical attacks represent an important threat to these devices, and fault injection is one of the major physical attacks. However, misunderstanding the effects of the fault injection would lead to proposing either over-protections or under-protections for these devices, thus affecting the performance/cost ratio and/or the security of the device. In this article, we provide a better representation of occurring fault, as a result of clock glitch, through novel models, in order to better understand the effects of fault injection. Also, we examine their dependencies with respect to the target device and the target program. Finally, we make use of the presented fault models to break the control-flow integrity of a program by altering the value of the program counter, in order to provide an actual application example.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alioto, M., Poli, M., Rocchi, S.: Differential power analysis attacks to precharged buses: a general analysis for symmetric-key cryptographic algorithms. IEEE Trans. Dependable Secure Comput. 7(3), 226–239 (2010)
Alshaer, I., Colombier, B., Deleuze, C., Beroulle, V., Maistri, P.: Variable-length instruction set: feature or bug? In: 25th Euromicro Conference on Digital System Design, pp. 464–471. IEEE, Maspalomas (2022)
Alshaer, I., Colombier, B., Deleuze, C., Maistri, P., Beroulle, V.: Cross-layer inference methodology for microarchitecture-aware fault models. Microelectron. Reliab. 139, 114841 (2022)
ARM Limited: ARM architecture reference manual Thumb-2 supplement. https://developer.arm.com/documentation/ddi0308/d. Accessed 24 February 2023
ARM Limited: Armv7-m architecture reference manual. https://developer.arm.com/documentation/ddi0403/latest. Accessed 24 February 2023
Baumann, R.: Radiation-induced soft errors in advanced semiconductor technologies. IEEE Trans. Device Mater. Reliab. 5(3), 305–316 (2005)
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of eliminating errors in cryptographic computations. J. Cryptology 14, 101–119 (2001)
Buhren, R., Jacob, H.N., Krachenfels, T., Seifert, J.: One glitch to rule them all: Fault injection attacks against amd’s secure encrypted virtualization. In: Kim, Y., Kim, J., Vigna, G., Shi, E. (eds.) ACM SIGSAC Conference on Computer and Communications Security, pp. 2875–2889. ACM, Virtual Event, Republic of Korea (2021)
Dureuil, L., Potet, M.-L., de Choudens, P., Dumas, C., Clédière, J.: From code review to fault injection attacks: filling the gap using fault model inference. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 107–124. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_7
Khelil, F., Hamdi, M., Guilley, S., Danger, J., Selmane, N.: Fault analysis attack on an FPGA AES implementation. In: Aggarwal, A., Badra, M., Massacci, F. (eds.) International Conference on New Technologies, Mobility and Security, pp. 1–5. IEEE, Tangier (2008)
Khuat, V., Danger, J., Dutertre, J.: Laser fault injection in a 32-bit microcontroller: from the flash interface to the execution pipeline. In: Workshop on Fault Detection and Tolerance in Cryptography, pp. 74–85. IEEE, Milan (2021)
Laurent, J., Deleuze, C., Pebay-Peyroula, F., Beroulle, V.: Bridging the gap between RTL and software fault injection. ACM J. Emerg. Technol. Comput. Syst. 17(3), 38:1–38:24 (2021)
Moro, N., Dehbaoui, A., Heydemann, K., Robisson, B., Encrenaz, E.: Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller. In: Fischer, W., Schmidt, J. (eds.) 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography, Los Alamitos, CA, USA, August 20, 2013, pp. 77–88. IEEE Computer Society (2013)
O’Flynn, C., Chen, Z.D.: ChipWhisperer: an open-source platform for hardware embedded security research. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 243–260. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_17
Proy, J., Heydemann, K., Berzati, A., Majéric, F., Cohen, A.: A first ISA-level characterization of EM pulse effects on superscalar microarchitectures: a secure software perspective. In: International Conference on Availability, Reliability and Security, pp. 7:1–7:10. ACM, Canterbury (2019)
Randolph, M., Diehl, W.: Power side-channel attack analysis: a review of 20 years of study for the layman. Cryptography 4(2), 15 (2020)
Shelton, M.A., Samwel, N., Batina, L., Regazzoni, F., Wagner, M., Yarom, Y.: ROSITA: towards automatic elimination of power-analysis leakage in ciphers. In: Annual Network and Distributed System Security Symposium. The Internet Society, Virtual event (2021)
Skorobogatov, S.P.: Local heating attacks on flash memory devices. In: Tehranipoor, M., Plusquellic, J. (eds.) IEEE International Workshop on Hardware-Oriented Security and Trust, pp. 1–6. IEEE Computer Society, San Francisco (2009)
Spensky, C., et al.: Glitching demystified: analyzing control-flow-based glitching attacks and defenses. In: IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 400–412. IEEE, Taipei (2021)
Timmers, N., Spruyt, A., Witteman, M.: Controlling PC on ARM using fault injection. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 25–35. IEEE Computer Society, Santa Barbara (2016)
Tollec, S., Asavoae, M., Couroussé, D., Heydemann, K., Jan, M.: Exploration of fault effects on formal RISC-V microarchitecture models. In: Workshop on Fault Detection and Tolerance in Cryptography, pp. 73–83. IEEE, Virtual Event/Italy (2022)
Trouchkine, T., Bouffard, G., Clédière, J.: EM fault model characterization on SoCs: from different architectures to the same fault model. In: Workshop on Fault Detection and Tolerance in Cryptography, pp. 31–38. IEEE, Milan (2021)
Acknowledgments
This work has been supported by the LabEx PERSYVAL-Lab (ANR-11-LABX-0025-01) and the French National Research Agency in the framework of the “Investissements d’avenir” program (ANR-15-IDEX-02).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Alshaer, I., Colombier, B., Deleuze, C., Beroulle, V., Maistri, P. (2024). Microarchitectural Insights into Unexplained Behaviors Under Clock Glitch Fault Injection. In: Bhasin, S., Roche, T. (eds) Smart Card Research and Advanced Applications. CARDIS 2023. Lecture Notes in Computer Science, vol 14530. Springer, Cham. https://doi.org/10.1007/978-3-031-54409-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-54409-5_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-54408-8
Online ISBN: 978-3-031-54409-5
eBook Packages: Computer ScienceComputer Science (R0)