Skip to main content

Microarchitectural Insights into Unexplained Behaviors Under Clock Glitch Fault Injection

  • Conference paper
  • First Online:
Smart Card Research and Advanced Applications (CARDIS 2023)

Abstract

With the widespread use of embedded system devices, hardware designers and software developers started paying more attention to security issues in order to protect these devices from potential threats. Physical attacks represent an important threat to these devices, and fault injection is one of the major physical attacks. However, misunderstanding the effects of the fault injection would lead to proposing either over-protections or under-protections for these devices, thus affecting the performance/cost ratio and/or the security of the device. In this article, we provide a better representation of occurring fault, as a result of clock glitch, through novel models, in order to better understand the effects of fault injection. Also, we examine their dependencies with respect to the target device and the target program. Finally, we make use of the presented fault models to break the control-flow integrity of a program by altering the value of the program counter, in order to provide an actual application example.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 49.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Alioto, M., Poli, M., Rocchi, S.: Differential power analysis attacks to precharged buses: a general analysis for symmetric-key cryptographic algorithms. IEEE Trans. Dependable Secure Comput. 7(3), 226–239 (2010)

    Article  Google Scholar 

  2. Alshaer, I., Colombier, B., Deleuze, C., Beroulle, V., Maistri, P.: Variable-length instruction set: feature or bug? In: 25th Euromicro Conference on Digital System Design, pp. 464–471. IEEE, Maspalomas (2022)

    Google Scholar 

  3. Alshaer, I., Colombier, B., Deleuze, C., Maistri, P., Beroulle, V.: Cross-layer inference methodology for microarchitecture-aware fault models. Microelectron. Reliab. 139, 114841 (2022)

    Article  Google Scholar 

  4. ARM Limited: ARM architecture reference manual Thumb-2 supplement. https://developer.arm.com/documentation/ddi0308/d. Accessed 24 February 2023

  5. ARM Limited: Armv7-m architecture reference manual. https://developer.arm.com/documentation/ddi0403/latest. Accessed 24 February 2023

  6. Baumann, R.: Radiation-induced soft errors in advanced semiconductor technologies. IEEE Trans. Device Mater. Reliab. 5(3), 305–316 (2005)

    Article  Google Scholar 

  7. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of eliminating errors in cryptographic computations. J. Cryptology 14, 101–119 (2001)

    Article  MathSciNet  Google Scholar 

  8. Buhren, R., Jacob, H.N., Krachenfels, T., Seifert, J.: One glitch to rule them all: Fault injection attacks against amd’s secure encrypted virtualization. In: Kim, Y., Kim, J., Vigna, G., Shi, E. (eds.) ACM SIGSAC Conference on Computer and Communications Security, pp. 2875–2889. ACM, Virtual Event, Republic of Korea (2021)

    Google Scholar 

  9. Dureuil, L., Potet, M.-L., de Choudens, P., Dumas, C., Clédière, J.: From code review to fault injection attacks: filling the gap using fault model inference. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 107–124. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_7

    Chapter  Google Scholar 

  10. Khelil, F., Hamdi, M., Guilley, S., Danger, J., Selmane, N.: Fault analysis attack on an FPGA AES implementation. In: Aggarwal, A., Badra, M., Massacci, F. (eds.) International Conference on New Technologies, Mobility and Security, pp. 1–5. IEEE, Tangier (2008)

    Google Scholar 

  11. Khuat, V., Danger, J., Dutertre, J.: Laser fault injection in a 32-bit microcontroller: from the flash interface to the execution pipeline. In: Workshop on Fault Detection and Tolerance in Cryptography, pp. 74–85. IEEE, Milan (2021)

    Google Scholar 

  12. Laurent, J., Deleuze, C., Pebay-Peyroula, F., Beroulle, V.: Bridging the gap between RTL and software fault injection. ACM J. Emerg. Technol. Comput. Syst. 17(3), 38:1–38:24 (2021)

    Google Scholar 

  13. Moro, N., Dehbaoui, A., Heydemann, K., Robisson, B., Encrenaz, E.: Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller. In: Fischer, W., Schmidt, J. (eds.) 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography, Los Alamitos, CA, USA, August 20, 2013, pp. 77–88. IEEE Computer Society (2013)

    Google Scholar 

  14. O’Flynn, C., Chen, Z.D.: ChipWhisperer: an open-source platform for hardware embedded security research. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 243–260. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_17

    Chapter  Google Scholar 

  15. Proy, J., Heydemann, K., Berzati, A., Majéric, F., Cohen, A.: A first ISA-level characterization of EM pulse effects on superscalar microarchitectures: a secure software perspective. In: International Conference on Availability, Reliability and Security, pp. 7:1–7:10. ACM, Canterbury (2019)

    Google Scholar 

  16. Randolph, M., Diehl, W.: Power side-channel attack analysis: a review of 20 years of study for the layman. Cryptography 4(2), 15 (2020)

    Article  Google Scholar 

  17. Shelton, M.A., Samwel, N., Batina, L., Regazzoni, F., Wagner, M., Yarom, Y.: ROSITA: towards automatic elimination of power-analysis leakage in ciphers. In: Annual Network and Distributed System Security Symposium. The Internet Society, Virtual event (2021)

    Google Scholar 

  18. Skorobogatov, S.P.: Local heating attacks on flash memory devices. In: Tehranipoor, M., Plusquellic, J. (eds.) IEEE International Workshop on Hardware-Oriented Security and Trust, pp. 1–6. IEEE Computer Society, San Francisco (2009)

    Google Scholar 

  19. Spensky, C., et al.: Glitching demystified: analyzing control-flow-based glitching attacks and defenses. In: IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 400–412. IEEE, Taipei (2021)

    Google Scholar 

  20. Timmers, N., Spruyt, A., Witteman, M.: Controlling PC on ARM using fault injection. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 25–35. IEEE Computer Society, Santa Barbara (2016)

    Google Scholar 

  21. Tollec, S., Asavoae, M., Couroussé, D., Heydemann, K., Jan, M.: Exploration of fault effects on formal RISC-V microarchitecture models. In: Workshop on Fault Detection and Tolerance in Cryptography, pp. 73–83. IEEE, Virtual Event/Italy (2022)

    Google Scholar 

  22. Trouchkine, T., Bouffard, G., Clédière, J.: EM fault model characterization on SoCs: from different architectures to the same fault model. In: Workshop on Fault Detection and Tolerance in Cryptography, pp. 31–38. IEEE, Milan (2021)

    Google Scholar 

Download references

Acknowledgments

This work has been supported by the LabEx PERSYVAL-Lab (ANR-11-LABX-0025-01) and the French National Research Agency in the framework of the “Investissements d’avenir” program (ANR-15-IDEX-02).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Ihab Alshaer .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alshaer, I., Colombier, B., Deleuze, C., Beroulle, V., Maistri, P. (2024). Microarchitectural Insights into Unexplained Behaviors Under Clock Glitch Fault Injection. In: Bhasin, S., Roche, T. (eds) Smart Card Research and Advanced Applications. CARDIS 2023. Lecture Notes in Computer Science, vol 14530. Springer, Cham. https://doi.org/10.1007/978-3-031-54409-5_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-54409-5_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-54408-8

  • Online ISBN: 978-3-031-54409-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics