Fault Attacks on Embedded Software: New Directions in Modeling, Design, and Mitigation

Yuce, Bilgiday

16 January 2018

This research investigates an important class of hardware attacks against embedded software, which uses fault injection as a hacking tool. Fault attacks use well-chosen, targeted fault injection combined with clever system response analysis to break the security of a system. In case of a fault attack on embedded software, faults are injected into the underlying processor hardware and their effects are observed in the executed software's output. This introduces an additional difficulty in mitigation of fault attack risk. Designing efficient countermeasures requires first understanding software, instruction-set, and hardware level components of fault attacks, and then, systematically addressing the vulnerabilities at each level. This research first proposes an instruction fault sensitivity model to capture effects of fault injection on embedded software. Based on the instruction fault sensitivity model, a novel fault attack method called MAFIA (Micro-architecture Aware Fault Injection Attack) is also introduced. MAFIA exploits the vulnerabilities in multiple abstraction layers. This enables an adversary to determine best points to attack during the execution as well as pinpoint the desired fault effects. It has been shown that MAFIA breaks the existing countermeasures with significantly fewer fault injections than the traditional fault attacks. Another contribution of the research is a fault attack simulator, MESS (Micro-architectural Embedded System Simulator). MESS enables a user to model hardware, instruction-set, and software level components of fault attacks in a simulation environment. Thus, software designers can use MESS to evaluate their programs against several real-world fault attack scenarios. The final contribution of this research is the fault-attack-resistant FAME (Fault-attack Aware Microprocessor Extensions) processor, which is suited for embedded, constrained systems. FAME combines fault detection in hardware and fault response in software. This allows low-cost, performance-efficient, flexible, and backward-compatible integration of hardware and software techniques to mitigate fault attack risk. FAME has been designed as an architectural concept as well as implemented as a chip prototype. In addition to protection mechanisms, the chip prototype also includes fault injection and analysis features to ease fault attack research. The findings of this research indicate that considering multiple abstraction layers together is essential for efficient fault attacks, countermeasures, and evaluation techniques. / Ph. D.

Embedded Systems

Fault Attacks

Countermeasures

Fault Models

Fault Simulation

Fault Mitigation

Cyber Threat Intelligence from Honeypot Data using Elasticsearch

Al-Mohannadi, Hamad, Awan, Irfan U., Al Hamar, J., Cullen, Andrea J., Disso, Jules P., Armitage, Lorna

18 May 2018

yes / Cyber attacks are increasing in every aspect of daily life. There are a number of different technologies around to tackle cyber-attacks, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, switches, routers etc., which are active round the clock. These systems generate alerts and prevent cyber attacks. This is not a straightforward solution however, as IDSs generate a huge volume of alerts that may or may not be accurate: potentially resulting in a large number of false positives. In most cases therefore, these alerts are too many in number to handle. In addition, it is impossible to prevent cyber-attacks simply by using tools. Instead, it requires greater intelligence in order to fully understand an adversary’s motive by analysing various types of Indicator of Compromise (IoC). Also, it is important for the IT employees to have enough knowledge to identify true positive attacks and act according to the incident response process. In this paper, we have proposed a new threat intelligence technique which is evaluated by analysing honeypot log data to identify behaviour of attackers to find attack patterns. To achieve this goal, we have deployed a honeypot on an AWS cloud to collect cyber incident log data. The log data is analysed by using elasticsearch technology namely an ELK (Elasticsearch, Logstash and Kibana) stack.

Cyber attacks

Cyber threats

Honeypot data

Elasticsearch

Cyber threat intelligence technique

<b>Classifying and Identifying BGP Hijacking attacks on the internet</b>

Kai Chiu Oscar Wong (18431700)

26 April 2024

<p dir="ltr">The Internet is a large network of globally interconnected devices p used to facilitate the exchange of information across different parties. As usage of the Internet is expected to grow in the future, the underlying infrastructure must be secure to ensure traffic reaches its intended destination without any disruptions. However, the primary routing protocol used on the Internet, the Border Gateway Protocol (BGP), while scalable and can properly route traffic between large networks, does not inherently have any security mechanisms built within the protocol. This leads to devices that use BGP over the internet to be susceptible to BGP Hijacking attacks, which involve maliciously injected routes into BGP’s Routing Information Base (RIB) to intentionally redirect traffic to another destination. Attempts to solve these issues in the past have been challenging due to the prevalence of devices that use BGP on the existing Internet infrastructure and the lack of backward compatibility for proposed solutions. The goal of this research is to categorize the different types of BGP Hijacking attacks that are possible on a network, identify indicators that an ongoing BGP Hijacking attack based on received routes from the Internet locally without access to machines from other locations or networks, and subsequently leverage these indicators to protect local networks from external BGP Hijacking attacks.</p>

Network engineering

System and network security

Networking and communications

BGP

network security analysis

routing attacks

BGP Hijacking

Design Techniques for Side-channel Resistant Embedded Software

Sinha, Ambuj Sudhir

25 August 2011

Side Channel Attacks (SCA) are a class of passive attacks on cryptosystems that exploit implementation characteristics of the system. Currently, a lot of research is focussed towards developing countermeasures to side channel attacks. In this thesis, we address two challenges that are an inherent part of the efficient implementation of SCA countermeasures. While designing a system, design choices made for enhancing the efficiency or performance of the system can also affect the side channel security of the system. The first challenge is that the effect of different design choices on the side channel resistance of a system is currently not well understood. It is important to understand these effects in order to develop systems that are both secure and efficient. A second problem with incorporating SCA countermeasures is the increased design complexity. It is often difficult and time consuming to integrate an SCA countermeasure in a larger system. In this thesis, we explore that above mentioned problems from the point of view of developing embedded software that is resistant to power based side channel attacks. Our first work is an evaluation of different software AES implementations, from the perspective of side channel resistance, that shows the effect of design choices on the security and performance of the implementation. Next we present work that identifies the problems that arise while designing software for a particular type of SCA resistant architecture - the Virtual Secure Circuit. We provide a solution in terms of a methodology that can be used for developing software for such a system - and also demonstrate that this methodology can be conveniently automated - leading to swifter and easier software development for side channel resistant designs. / Master of Science

Bitslice Cryptography

Side Channel Attacks

Virtual Secure Circuit

Secure Embedded Systems

Side-channel Countermeasures

Constraint Based Program Synthesis for Embedded Software

Eldib, Hassan Shoukry

30 July 2015

In the world that we live in today, we greatly rely on software in nearly every aspect of our lives. In many critical applications, such as in transportation and medical systems, catastrophic consequences could occur in case of buggy software. As the computational power and storage capacity of computer hardware keep increasing, so are the size and complexity of the software. This makes testing and verification increasingly challenging in practice, and consequentially creates a chance for software with critical bugs to find their way into the consumer market. In this dissertation, I present a set of innovative new methods for automatically verifying, as well as synthesizing, critical software and hardware in embedded computing applications. Based on a set of rigorous formal analysis techniques, my methods can guarantee that the resulting software are efficient and secure as well as provably correct. / Ph. D.

Program Synthesis

Formal Verification

Embedded Software

Security

Cryptography

Side-Channel Attacks and Countermeasures

Advancing the Utility of Manufacturing Data for Modeling, Monitoring, and Securing Machining Processes

Shafae, Mohammed Saeed Abuelmakarm

23 August 2018

The growing adoption of smart manufacturing systems and its related technologies (e.g., embedded sensing, internet-of-things, cyber-physical systems, big data analytics, and cloud computing) is promising a paradigm shift in the manufacturing industry. Such systems enable extracting and exchanging actionable knowledge across the different entities of the manufacturing cyber-physical system and beyond. From a quality control perspective, this allows for more opportunities to realize proactive product design; real-time process monitoring, diagnosis, prognosis, and control; and better product quality characterization. However, a multitude of challenges are arising, with the growing adoption of smart manufacturing, including industrial data characterized by increasing volume, velocity, variety, and veracity, as well as the security of the manufacturing system in the presence of growing connectivity. Taking advantage of these emerging opportunities and tackling the upcoming challenges require creating novel quality control and data analytics methods, which not only push the boundaries of the current state-of-the-art research, but discover new ways to analyze the data and utilize it. One of the key pillars of smart manufacturing systems is real-time automated process monitoring, diagnosis, and control methods for process/product anomalies. For machining applications, traditionally, deterioration in quality measures may occur due to a variety of assignable causes of variation such as poor cutting tool replacement decisions and inappropriate choice cutting parameters. Additionally, due to increased connectivity in modern manufacturing systems, process/product anomalies intentionally induced through malicious cyber-attacks -- aiming at degrading the process performance and/or the part quality -- is becoming a growing concern in the manufacturing industry. Current methods for detecting and diagnosing traditional causes of anomalies are primarily lab-based and require experts to perform initial set-ups and continual fine-tuning, reducing the applicability in industrial shop-floor applications. As for efforts accounting for process/product anomalies due cyber-attacks, these efforts are in early stages. Therefore, more foundational research is needed to develop a clear understanding of this new type of cyber-attacks and their effects on machining processes, to ensure smart manufacturing security both on the cyber and the physical levels. With primary focus on machining processes, the overarching goal of this dissertation work is to explore new ways to expand the use and value of manufacturing data-driven methods for better applicability in industrial shop-floors and increased security of smart manufacturing systems. As a first step toward achieving this goal, the work in this dissertation focuses on adopting this goal in three distinct areas of interest: (1) Statistical Process Monitoring of Time-Between-Events Data (e.g., failure-time data); (2) Defending against Product-Oriented Cyber-Physical Attacks on Intelligent Machining Systems; and (3) Modeling Machining Process Data: Time Series vs. Spatial Point Cloud Data Structures. / PHD / Recent advancements in embedded sensing, internet-of-things, big data analytics, cloud computing, and communication technologies and methodologies are shifting the modern manufacturing industry toward a novel operational paradigm. Several terms have been coined to refer to this new paradigm such as cybermanufacturing, industry 4.0, industrial internet of things, industrial internet, or more generically smart manufacturing (term to be used henceforth). The overarching goal of smart manufacturing is to transform modern manufacturing systems to knowledge-enabled Cyber-Physical Systems (CPS), in which humans, machines, equipment, and products communicate and cooperate together in real-time, to make decentralized decisions resulting in profound improvements in the entire manufacturing ecosystem. From a quality control perspective, this allows for more opportunities to utilize manufacturing process data to realize proactive product design; real-time process monitoring, diagnosis, prognosis, and control; and better product quality characterization. With primary focus on machining processes, the overarching goal of this work is to explore new ways to expand the use and value of manufacturing data-driven methods for better applicability in industrial shop-floors and increased security of smart manufacturing systems. As a first step toward achieving this goal, the work in this dissertation focuses on three distinct areas of interest: (1) Monitoring of time-between-events data of mechanical components replacements (e.g., failure-time data); (2) Defending against cyber-physical attacks on intelligent machining systems aiming at degrading machined parts quality; and (3) Modeling machining process data using two distinct data structures, namely, time series and spatial point cloud data.

Advanced Manufacturing Systems

Cyber-Physical Attacks

Cyber-Physical Systems Security

Quality Control

Statistical Process Control

Quality Control Tools for Cyber-Physical Security of Production Systems

Elhabashy, Ahmed Essam

15 January 2019

With recent advancements in computer and network technologies, cyber-physical systems have become more susceptible to cyber-attacks; and production systems are no exception. Unlike traditional Information Technology (IT) systems, cyber-physical systems are not limited to attacks aimed at Intellectual Property (IP) theft, but also include attacks that maliciously affect the physical world. In manufacturing, such cyber-physical attacks can destroy equipment, force dimensional product changes, alter a product's mechanical characteristics, or endanger human lives. The manufacturing industry often relies on modern Quality Control (QC) tools to protect against quality losses, such as those that can occur from an attack. However, cyber-physical attacks can still be designed to avoid detection by traditional QC methods, which suggests a strong need for new and more robust QC tools. Such new tools should be able to prevent, or at least minimize, the effects of cyber-physical attacks on production systems. Unfortunately, little to no research has been done on using QC tools for cyber-physical security of production systems. Hence, the overarching goal of this work is to allow QC systems to be designed and used effectively as a second line of defense, when traditional cyber-security techniques fail and the production system is already breached. To this end, this work focuses on: 1) understanding the role of QC systems in cyber-physical attacks within manufacturing through developing a taxonomy encompassing the different layers involved; 2) identifying existing weaknesses in QC tools and exploring the effects of exploiting them by cyber-physical attacks; and 3) proposing more effective QC tools that can overcome existing weaknesses by introducing randomness to the tools, for better security against cyber-physical attacks in manufacturing. / Ph. D. / The recent technological developments in computers and networking have made systems, such as production systems, more vulnerable to attacks having both cyber and physical components; i.e., to cyber-physical attacks. In manufacturing, such attacks are not only capable of stealing valuable information, but can also destroy equipment, force physical product changes, alter product’s mechanical characteristics, or endanger human lives. Typically, the manufacturing industry have relied on various Quality Control (QC) tools, such as product inspection, to detect the effects caused by these attacks. However, these attacks could be still designed in a way to avoid detection by traditional QC methods, which suggests a need for new and more effective QC tools. Such new tools should be able to prevent, or at least minimize, the effects of these attacks in manufacturing. Unfortunately, almost no research has been done on using QC tools for securing production systems against these malicious attacks. Hence, the overarching goal of this work is to allow QC systems to be designed in a more effective manner to act as a second line of defense, when traditional cyber-security measures and attackers have already accessed the production system. To this end, this work focuses on: 1) understanding the role of QC systems during the attack; 2) identifying existing weaknesses in QC tools and determining the effects of exploiting them by the attack; and 3) proposing more effective QC tools, for better protection against these types of cyber-physical attacks in manufacturing.

Advanced Production Systems

Cyber-Physical Attacks

Cyber-Physical Security

Quality Control

Statistical Process Control

Understanding the Impacts of Data Integrity Attacks in the Context of Transactive Control Systems

Biswas, Shuchismita

January 2018

The rapid growth of internet-connected smart devices capable of exchanging energy price information and adaptively controlling the consumption of connected loads, has paved the way for transactive control to make inroads in the modern grid. Transactive control frameworks integrate the wholesale and retail energy markets, and enable active participation of end users, thereby playing a key role in managing the rising number of distributed assets.However, the use of internet for the communication of data among the building, distribution,and transmission levels makes the system susceptible to external intrusions. A skilled adversary can potentially manipulate the exchanged data with the intention to inflict damage to the system or increase financial gains. In this thesis, the effect of such data integrity attacks on information exchanged between the distribution systems operator and end-users is investigated. Impact on grid operations is evaluated using different categories like operational, financial, user comfort and reliability parameters. It is shown that attack impact depends on a number of factors like attack duration, time of attack, penetration rate etc besides the attack magnitude. The effect of an attack continues to persist for some time after its removal and hence effective detection and mitigation strategies will be required to ensure system resilience and robustness. / Master of Science / Transactive energy is a framework where price-responsive loads adjust their energy consumption at a certain time according to the real-time energy price sent by the utility. Field demonstrations in recent years have shown that transactive control can effectively manage grid objectives and also monetarily benefit both the electric utility and end-users. Therefore, transactive energy is expected to make inroads into conventional grid operations in the next few years. As successful operation of such a market depends on the information exchanged among different stakeholders, a malicious adversary may try to inject false data and affect system operations. This thesis investigates how manipulating data in the transactive energy platform affects system operations and financial gains of different stakeholders. Understanding system behavior under attack conditions will help in formulating effective detection and mitigation strategies and enhancing system resilience.

Smart grid

transactive energy

data integrity attacks

locational marginal price

impact metrics

The American Bully - a review of the dog breed in Sweden

Ivarsson, Hanna

January 2024

The American bully is a relatively new breed of dog, originating in United States of America and has in recent years increased in popularity in Sweden. It is an extension of the American Pitbull terrier, and is often described by breeders and owners as a gentle and friendly companion dog. The purpose of this study was to evaluate the breed and its description by reviewing legal cases and advertisements. I also reviewed information from the Swedish Board of Agriculture regarding registrations of the breed to examine how common it is in Sweden. The American Bully breed has increased with around 1000 dogs per year, and in 2023 there were 5538 dogs registered in as dogs of American Bully breed. Dogs of American Bully breed change owners over eight times more often than dogs in general in Sweden, making the breed overrepresented when it comes to ownership changes. The breed is the second most common dog breed to change ownership in the dog registry, with only mixed breed having more ownership changes. Changed circumstances in the family was the most commonly reason given in advertisements for rehoming of an American Bully dog. Breeders of American Bully describe their dogs with regard of their appearance and bloodlines instead of mentality and behaviour, and market the breed as an excellent family dog. The results of this study show that dogs of American Bully breed have caused injuries to both adults and children by attacking and biting them seemingly unprovoked. My conclusion of the American Bully breed is that it is a powerful and muscular breed of dog that is wrongly marketed as a lazy companion dog. More studies are needed with regard to the breeds health and behaviour. A breeding program from the American Bully clubs could be a possible way to correct the current problems regarding health and aggressive behaviour in the breed.

American Bully

ownership changes

legal cases

dog advertisements

dog-bites

dog attacks.

Biological Sciences

Biologiska vetenskaper

Nouvelles Contre-Mesures pour la Protection de Circuits Intégrés / New Protection Strategies for Integrated Circuits

Cioranesco, Jean-Michel

18 December 2014

Les domaines d'application de la cryptographie embarquée sont très divers et se retrouvent au croisement de toutes les applications personnelles, avec un besoin évident de confidentialité des données et également de sécurité d'accès des moyens de paiement. Les attaques matérielles invasives ont fait de tous temps partie de l'environnement industriel. L'objectif de cette thèse est de proposer de nouvelles solutions pour protéger les circuits intégrés contre ces attaques physiques. La première partie décrit les notions d'attaques par canaux cachés, d'attaques invasives et de retro-conception. Plusieurs exemples de ces types d'attaques ont pu être mis en œuvre pendant le travail de recherche de cette thèse, ils sont présentés en détail dans cette partie. La deuxième partie est consacrée à des propositions de différentes contre-mesures pour contrer des attaques par canaux cachés ayant pour vecteur la consommation de courant. La troisième partie est dédiée à la protection contre les attaques invasives en utilisant divers types de boucliers et capteurs. Nous conclurons ce manuscrit de thèse par la proposition d'un bouclier actif cryptographique inviolable ayant pour but premier de contrer Je sondage, mais aussi celui de détecter l'injection de fautes et d'être immunisé contre les analyses par consommation de courant. / Embedded security applications are diverse and at the center of all personal embedded applications. They introduced an obvious need for data confidentiality and security in general. Invasive attacks on hardware have always been part of the industrial scene. The aim of this thesis is to propose new solutions in order to protect embedded circuits against some physical attacks described above. ln a first part of the manuscript, we detail the techniques used to achieve side-channel, invasive attacks and reverse engineering. I could implement several of these attacks during my thesis research, they will be detailed extensively. ln the second part we propose different hardware countermeasures against side-channel attacks. The third part is dedicated to protection strategies against invasive attacks using active shielding and we conclude this work by proposing an innovative cryptographic shield which is faulty and dpa resistant.

Attaques par canaux cachés

Attaques invasives

Analyse par consommation de courant

Circuit intégré

Bouclier actif

Émanations électromagnétiques

Chiffrement sécurisé

Sécurité embarquée

Side-channel attacks

Invasive attacks

Differential power analysis

Integrated circuit

Active shield

Embedded security

Cryptography

Fault attack

652.8