Skip to main content
SpringerLink
Log in

Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the control flow or data flow integrity of software. The modified program execution is then analyzed and used as a source of information leakage, or as a mechanism for privilege escalation. Due to the increasing complexity of modern embedded systems, and due to the difficulty of guaranteeing correct hardware execution even under a weak adversary, fault attacks are a growing threat. For example, the assumption that an adversary has to be close to the physical execution of software, in order to inject an exploitable fault into hardware, has repeatedly been shown to be incorrect. This article is a review on hardware-based fault attacks on software, with emphasis on the context of embedded systems. We present a detailed discussion of the anatomy of a fault attack, and we make a review of fault attack evaluation techniques. The paper emphasizes the perspective from the attacker, rather than the perspective of countermeasure development. However, we emphasize that improvements to countermeasures often build on insight into the attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Lipp M, Schwarz M, Gruss D, Prescher T, Haas W, Mangard S, Kocher P, Genkin D, Yarom Y, Hamburg M (2018) Meltdown, arXiv:1801.01207

  2. Kocher P, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M, Yarom Y (2018) Spectre attacks: exploiting speculative execution, arXiv:1801.01203

  3. Piessens F, Verbauwhede I (2016) Software security: vulnerabilities and countermeasures for two attacker models. In: Design Automation &, test in Europe conference & exhibition (DATE), pp 990–999

  4. Witteman M, Oostdijk M (2008) Secure application programming in the presence of side channel attacks. In: RSA Conference, vol 2008

  5. Yuce B, Ghalaty NF, Deshpande C, Patrick C, Nazhandali L, Schaumont P (2016) FAME: fault-attack aware microprocessor extensions for hardware fault detection and software fault response. In: Hardware and Architectural Support for Security and Privacy (HASP). ACM, p 8

  6. Barenghi A, Breveglieri L, Koren I, Naccache D (2012) Fault injection attacks on cryptographic devices: theory, practice, and countermeasures. Proc IEEE 100(11):3056–3076

    Article  Google Scholar 

  7. Joye M, Tunstall M (eds) (2012) Fault analysis in cryptography, ser. Information security and cryptography. Springer, Berlin

  8. Galathy NF, Yuce B, Schaumont P (2017) A systematic approach to fault attack resistant design. In: Fundamentals of IP and SoC security, pp 223–245. Springer

  9. Moro N, Dehbaoui A, Heydemann K, Robisson B, Encrenaz E (2013) Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller. In: 2013 Workshop on fault diagnosis and tolerance in cryptography (FDTC), pp 77–88. IEEE

  10. Courbon F, Loubet-Moundi P, Fournier JJ, Tria A (2014) Adjusting laser injections for fully controlled faults. In: International Workshop on constructive side-channel analysis and secure design, pp 229–242. Springer

  11. Yuce B, Ghalaty NF, Schaumont P (2015) Improving fault attacks on embedded software using risc pipeline characterization. In: Proc. of FDTC’15, pp 97–108

  12. Li Y, Sakiyama K, Gomisawa S, Fukunaga T, Takahashi J, Ohta K (2010) Fault sensitivity analysis. In: Proc. of CHES’10, pp 320–334

  13. Bhattacharya S, Mukhopadhyay D (2017) Formal fault analysis of branch predictors: attacking countermeasures of asymmetric key ciphers. J Cryptogr Eng 7(4):299–310

    Article  Google Scholar 

  14. Bar-El H, Choukri H, Naccache D, Tunstall M, Whelan C (2006) The sorcerer’s apprentice guide to fault attacks. Proc IEEE 94(2):370–382

    Article  Google Scholar 

  15. Guilley S, Sauvage L, Danger J-L, Selmane N, Pacalet R (2008) Silicon-level solutions to counteract passive and active attacks. In: 5th Workshop on fault diagnosis and tolerance in cryptography, 2008. FDTC’08. IEEE, pp 3–17

  16. Zussa L, Dutertre J-M, Clédiere J, Robisson B, Tria A et al (2012) Investigation of timing constraints violation as a fault injection means. In: 27th Conference on design of circuits and integrated systems (DCIS). Avignon

  17. Korak T, Hoefler M (2014) On the effects of clock and power supply tampering on two microcontroller platforms. In: Proc. of FDTC’14, pp 8–17

  18. Riscure Inspector FI https://www.riscure.com/security-tools/inspector-fi/, Online; Accessed 18 May 2017

  19. O’Flynn C, Chen ZD (2014) ChipWhisperer: an open-source platform for hardware embedded security research. In: Constructive side-channel analysis and secure design. Springer, pp 243–260

  20. Barenghi A, Bertoni G, Parrinello E, Pelosi G (2009) Low voltage fault attacks on the RSA Cryptosystem. In: 2009 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 23–31

  21. Timmers N, Spruyt A, Witteman M (2016) Controlling PC on ARM using fault injection. In: Fault diagnosis and tolerance in cryptography (FDTC), pp 25–35

  22. Hutter M, Schmidt J-M (2013) The temperature side channel and heating fault attacks. In: International conference on smart card research and advanced applications. Springer, pp 219–235

  23. Skorobogatov S (2009) Local heating attacks on flash memory devices. In: IEEE International workshop on hardware-oriented security and trust. 2009. HOST’09. IEEE, pp 1–6

  24. Govindavajhala S, Appel AW (2003) Using memory errors to attack a virtual machine. In: 2003 Symposium on security and privacy, 2003. Proceedings. IEEE, pp 154–165

  25. Korak T, Hutter M, Ege B, Batina L (2014) Clock glitch attacks in the presence of heating. In: 2014 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 104–114

  26. Skorobogatov S, Anderson RJ (2002) Optical fault induction attacks. In: Revised Papers from the 4th international workshop on cryptographic hardware and embedded systems. Springer-Verlag, pp 2–12

  27. Schmidt J-M, Hutter M Optical and EM fault-attacks on CRT-based RSA: concrete results

  28. Van Woudenberg JG, Witteman MF, Menarini F (2011) Practical optical fault injection on secure microcontrollers. In: 2011 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 91–99

  29. Maistri P, Leveugle R, Bossuet L, Aubert A, Fischer V, Robisson B, Moro N, Maurine P, Dutertre J-M, Lisart M (2014) Electromagnetic analysis and fault injection onto secure circuits. In: 2014 22nd International conference on very large scale integration (VLSI-SoC). IEEE, pp 1–6

  30. Moro N, Dehbaoui A, Heydemann K, Robisson B, Encrenaz E (2014) Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller, CoRR, vol. abs/1402.6421. [Online]. Available: arXiv:1402.6421

  31. Velegalati R, Van Spyk R, van Woudenberg J (2013) Electro magnetic fault injection in practice. In: International Cryptographic module conference (ICMC)

  32. Tang A, Sethumadhavan S, Stolfo S (2017) CLKSCREW: exposing the perils of security-oblivious energy management. In: 26th USENIX security symposium (USENIX Security 17). Vancouver, BC: USENIX Association, pp 1057–1074. [Online]. Available: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/tang

  33. Cai Y, Ghose S, Luo Y, Mai K, Mutlu O, Haratsch EF (2017) Vulnerabilities in MLC NAND flash memory programming: experimental analysis, exploits, and mitigation techniques. In: 2017 IEEE International symposium on high performance computer architecture (HPCA). IEEE, pp 49–60

  34. Kim Y, Daly R, Kim J, Fallin C, Lee JH, Lee D, Wilkerson C, Lai K, Mutlu O (2014) Flipping bits in memory without accessing them: an experimental study of dram disturbance errors. In: ACM SIGARCH Computer architecture news, vol 42, no 3. IEEE Press, pp 361–372

  35. Gruss D, Maurice C, Mangard S (2016) Rowhammer. js: a remote software-induced fault attack in javascript. In: Detection of intrusions and malware, and vulnerability assessment. Springer, pp 300–321

  36. van der Veen V, Fratantonio Y, Lindorfer M, Gruss D, Maurice C, Vigna G, Bos H, Razavi K, Giuffrida C (2016) Drammer: deterministic rowhammer attacks on mobile platforms. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security. ACM, pp 1675–1689

  37. Razavi K, Gras B, Bosman E, Preneel B, Giuffrida C, Bos H (2016) Flip feng shui: hammering a needle in the software stack. In: USENIX Security symposium, pp 1–18

  38. Kurmus A, Ioannou N, Papandreou N, Parnell T (2017) From random block corruption to privilege escalation: a filesystem attack vector for rowhammer-like attacks. In: USENIX Workshop on offensive technologies (WOOT)

  39. Karaklajic D, Schmidt J, Verbauwhede I (2013) Hardware designer’s guide to fault attacks. IEEE Trans VLSI Syst 21(12):2295–2306

    Article  Google Scholar 

  40. Otto M (2005) Fault attacks and countermeasures. Ph.D. dissertation, University of Paderborn

  41. Anceau S, Bleuet P, Clėdiėre J, Maingault L, Rainard J, Tucoulou R (2017) Nanofocused x-ray beam to reprogram secure circuits. In: Cryptographic hardware and embedded systems (CHES), pp 175–188

  42. Barbu G, Thiebeauld H, Guerin V (2010) Attacks on java card 3.0 combining fault and logical attacks. Smart Card Research Adv Appl, 148–163

  43. Dehbaoui A, Mirbaha A-P, Moro N, Dutertre J-M, Tria A (2013) Electromagnetic glitch on the AES round counter. In: International Workshop on constructive side-channel analysis and secure design. Springer, pp 17–31

  44. Riviere L, Najm Z, Rauzy P, Danger J-L, Bringer J, Sauvage L (2015) High precision fault injections on the instruction cache of ARmV7-m architectures. In: 2015 IEEE International symposium on hardware oriented security and trust (HOST). IEEE, pp 62–67

  45. Nashimoto S, Homma N, Hayashi Y-i, Takahashi J, Fuji H, Aoki T (2017) Buffer overflow attack with multiple fault injection and a proven countermeasure. J Cryptogr Eng 7(1):35–46

    Article  Google Scholar 

  46. Balasch J, Gierlichs B, Verbauwhede I (2011) An in-depth and black-box characterization of the effects of clock glitches on 8-bit MCUs. In: Workshop on fault diagnosis and tolerance in cryptography (FDTC 2011), pp 105–114. [Online]. Available: https://doi.org/10.1109/FDTC.2011.9

  47. Vétillard E, Ferrari A (2010) Combined attacks and countermeasures. In: International conference on smart card research and advanced applications. Springer, pp 133–147

  48. Potet M-L, Mounier L, Puys M, Dureuil L (2014) Lazart: a symbolic approach for evaluation the robustness of secured codes against control flow injections. In 2014 IEEE Seventh International conference on software testing, verification and validation (ICST). IEEE, pp 213–222

  49. Choukri H, Tunstall M (2005) Round reduction using faults. FDTC 5:13–24

    Google Scholar 

  50. Dutertre J-M, Mirbaha A-P, Naccache D, Ribotta A-L, Tria A, Vaschalde T (2012) Fault round modification analysis of the advanced encryption standard. In: 2012 IEEE International symposium on hardware-oriented security and trust (HOST). IEEE, pp 140–145

  51. Biham E, Shamir A (1997) Differential fault analysis of secret key cryptosystems. In: Advances in cryptology—CRYPTO’97. Springer, pp 513–525

  52. Hoch JJ, Shamir A (2004) Fault analysis of stream ciphers. In: International Workshop on cryptographic hardware and embedded systems. Springer, pp 240–253

  53. Biehl I, Meyer B, Müller V (2000) Differential fault attacks on elliptic curve cryptosystems. In: Annual International cryptology conference. Springer, pp 131–146

  54. Taha M, Eisenbarth T (2015) Implementation attacks on post-quantum cryptographic schemes, Cryptology ePrint Archive, Report 2015/1083. http://eprint.iacr.org/

  55. Giraud C (2004) DFA on AES. In: International conference on advanced encryption standard. Springer, pp 27–41

  56. Ferretti C, Mella S, Melzani F (2014) The role of the fault model in DFA against AES. In: Proceedings of the workshop on hardware and architectural support for security and privacy (HASP). ACM, p 4

  57. Sakiyama K, Li Y, Iwamoto M, Ohta K (2012) Information-theoretic approach to optimal differential fault analysis. IEEE Trans Inf Forens Secur 7(1):109–120

    Article  Google Scholar 

  58. Ali SS, Mukhopadhyay D, Tunstall M (2013) Differential fault analysis of AES: towards reaching its limits. J Cryptogr Eng 3(2):73–97

    Article  Google Scholar 

  59. Ghalaty NF, Yuce B, Taha M, Schaumont P (2014) Differential fault intensity analysis. In: 2014 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 49–58

  60. Li Y, Ohta K, Sakiyama K (2012) New fault-based side-channel attack using fault sensitivity. IEEE Trans Inf Forens Secur 7(1):88–97

    Article  Google Scholar 

  61. Liu Y, Zhang J, Wei L, Yuan F, Xu Q (2015) Dera: yet another differential fault attack on cryptographic devices based on error rate analysis. In: Design Automation conference (DAC). ACM, p 31

  62. Fuhr T, Jaulmes E, Lomné V, Thillard A (2013) Fault attacks on AES with faulty ciphertexts only. In: 2013 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 108–118

  63. Järvinen K, Blondeau C, Page D, Tunstall M (2012) Harnessing biased faults in attacks on ECC-based signature schemes. In: 2012 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 72–82

  64. Joye M, Jean-Jacques Q, Sung-Ming Y, Yung M (2002) Observability analysis-detecting when improved cryptosystems fail. In: Cryptographers’ track at the RSA conference. Springer, pp 17–29

  65. Yen S-M, Joye M (2000) Checking before output may not be enough against fault-based cryptanalysis. IEEE Trans Comput 49(9):967–970

    Article  MATH  Google Scholar 

  66. Karaklajic D, Fan J, Verbauwhede I (2012) A systematic M safe-error detection in hardware implementations of cryptographic algorithms. In: 2012 IEEE International Symposium on hardware-oriented security and trust (HOST), pp 96–101

  67. Blömer J, Seifert J-P (2003) Fault based cryptanalysis of the advanced encryption standard (AES). In: Computer Aided verification. Springer, pp 162–181

  68. Boneh D, DeMillo RA, Lipton RJ (1997) On the importance of checking cryptographic protocols for faults. In: International Conference on the theory and applications of cryptographic techniques. Springer, pp 37–51

  69. Ciet M, Joye M (2005) Elliptic curve cryptosystems in the presence of permanent and transient faults. Des Codes Cryptograph 36(1):33–43

    Article  MathSciNet  MATH  Google Scholar 

  70. Fouque P-A, Lercier R, Réal D, Valette F (2008) Fault attack on elliptic curve montgomery ladder implementation. In: 5th Workshop on Fault diagnosis and tolerance in cryptography. 2008. FDTC’08. IEEE, pp 92–98

  71. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in cryptology—CRYPTO’99. Springer, pp 789–789

  72. Fan J, Guo X, De Mulder E, Schaumont P, Preneel B, Verbauwhede I (2010) State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures. In: 2010 IEEE International Symposium on hardware-oriented security and trust (HOST). IEEE, pp 76–87

  73. Oswald D (2013) Implementation attacks: from theory to practice, Ph.D dissertation

  74. Spreitzer R, Moonsamy V, Korak T, Mangard S (2017) Systematic classification of side-channel attacks: a case study for mobile devices. IEEE Communications Surveys & Tutorials

  75. Tillich S, Herbst C (2008) Attacking state-of-the-art software countermeasures—a case study for AES. Lect Notes Comput Sci 5154:228–243

    Article  Google Scholar 

  76. Rivain M, Prouff E (2010) Provably secure higher-order masking of AES. Cryptograph Hardware Embedded Syst CHES 2010:413–427

    MATH  Google Scholar 

  77. Grosso V, Standaert F-X, Faust S (2014) Masking vs. multiparty computation: how large is the gap for AES? J Cryptogr Eng 4(1):47–57

    Article  Google Scholar 

  78. Chevallier-Mames B, Ciet M, Joye M (2004) Low-cost solutions for preventing simple side-channel analysis: side-channel atomicity. IEEE Trans Comput 53(6):760–768

    Article  MATH  Google Scholar 

  79. Skorobogatov S (2006) Optically enhanced position-locked power analysis. Cryptograph Hardware Embedded Syst-CHES 2006:61–75

    Google Scholar 

  80. Amiel F, Villegas K, Feix B, Marcel L (2007) Passive and active combined attacks: combining fault attacks and side channel analysis. In: Workshop on Fault diagnosis and tolerance in cryptography, 2007. FDTC 2007. IEEE, pp 92–102

  81. Clavier C, Feix B, Gagnerot G, Roussellet M (2010) Passive and active combined attacks on AES combining fault attacks and side channel analysis. In: 2010 Workshop on fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 10–19

  82. Roche T, Lomné V, Khalfallah K (2011) Combined fault and side-channel attack on protected implementations of AES. Smart Card Res Adv Appl, 65–83

  83. Dassance F, Venelli A (2012) Combined fault and side-channel attacks on the AES key schedule. In: 2012 Workshop on Fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 63–71

  84. Schmidt J-M, Tunstall M, Avanzi RM, Kizhvatov I, Kasper T, Oswald D (2010) Combined implementation attack resistant exponentiation. LATINCRYPT 6212:305–322

    MATH  Google Scholar 

  85. Yao Y, Yang M, Patrick C, Yuce B, Schaumont P (2018) Fault-assisted side-channel analysis of masked implementations (to appear). In IEEE International Symposium on hardware oriented security and trust (HOST), 2018. IEEE, pp 72–77

  86. Durumeric Z, Kasten J, Adrian D, Halderman JA, Bailey M, Li F, Weaver N, Amann J, Beekman J, Payer M, Paxson V (2014) The matter of heartbleed. In: Internet Measurement conference (IMC), pp 475–488

  87. Obermaier J, Tatschner S (2017) Shedding too much light on a microcontroller’s firmware protection. In: USENIX Workshop on offensive technologies (WOOT)

  88. Scott ME Glitchy descriptor firmware grab, https://www.youtube.com/watch?v=TeCQatNcF20, Online; Accessed 14 Nov 2017

  89. Bouffard G, Iguchi-Cartigny J, Lanet J-L (2011) Combined software and hardware attacks on the java card control flow. In CARDIS, vol 7079. Springer, pp 283–296

  90. Vasselle A, Thiebeauld H, Maouhoub Q, Morisset A, Ermeneux S (2017) Laser-induced fault injection on smartphone bypassing the secure boot. In: 2017 Workshop on Fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 41–48

  91. Timmers N, Mune C (2017) Escalating privileges in Linux using voltage fault injection. In: Fault Diagnosis and tolerance in cryptography (FDTC), pp 25–35

  92. Seaborn M, Dullien T (2015) Exploiting the dram rowhammer bug to gain kernel privileges. Black Hat

  93. San Pedro M, Soos M, Guilley S (2011) Fire: fault injection for reverse engineering. In: WISTP. Springer, pp 280–293

  94. Le Bouder H, Guilley S, Robisson B, Tria A (2014) Fault injection to reverse engineer DES-like cryptosystems. In: Foundations and practice of security. Springer, pp 105–121

  95. Clavier C, Wurcker A (2013) Reverse engineering of a secret AES-like cipher by ineffective fault analysis. In: 2013 Workshop on Fault diagnosis and tolerance in cryptography (FDTC). IEEE, pp 119–128

  96. Jacob M, Boneh D, Felten E (2002) Attacking an obfuscated cipher by injecting faults. In: Digital Rights management workshop, vol 2696, pp 16–31

  97. Courbon F, Fournier JJ, Loubet-Moundi P, Tria A (2015) Combining image processing and laser fault injections for characterizing a hardware AES. IEEE Trans Comput-aided Des Integr Circ Syst 34(6):928–936

    Article  Google Scholar 

  98. Common Criteria Community https://www.commoncriteriaportal.org, Online Sccessed 18 Jan 2018

  99. United States Government Accountability Office, Information assurance, national partnership offers benefits, but faces considerable challenges, Technical Report GAO-06-392, 2006. http://www.gao.gov/new.items/d06392.pdf

  100. EMVCo Product Approval Processes http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf, Online Accessed 18 Jan 2018

  101. National Institute of Standards and Technology (NIST), Security requirements for cryptographic modules, FIPS PUB 140-2, 2001. https://www.emvco.com/processes-forms/product-approval/

Download references

Acknowledgements

The authors would like to thank Dennis Vermoen from Riscure Security Lab for his help and support.

Funding

During this work, the first author was supported in part through the National Science Foundation Grant 1441710 and 1314598, and in part through the Semiconductor Research Corporation.

Author information

Authors and Affiliations

  1. The Bradley Department of Electrical and Computer Engineering, Virginia Tech, Blacksburg, VA, USA

    Bilgiday Yuce & Patrick Schaumont

  2. Riscure – Security Lab, Delft, Netherlands

    Marc Witteman

Authors
  1. Bilgiday Yuce
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Patrick Schaumont
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Marc Witteman
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bilgiday Yuce.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yuce, B., Schaumont, P. & Witteman, M. Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation. J Hardw Syst Secur 2, 111–130 (2018). https://doi.org/10.1007/s41635-018-0038-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-018-0038-1

Keywords

Search

Navigation