Global ETD Search

51	Formal fault injection vulnerability detection in binaries : a software process and hardware validation / Détection formelle de vulnérabilité créée par injection de faute au niveau binaire : un processus logiciel et une validation matérielle Jafri, Nisrine 25 March 2019 (has links) L'injection de faute est une méthode bien connue pour évaluer la robustesse et détecter les vulnérabilités des systèmes. La détection des vulnérabilités créées par injection de fautes a été approchée par différentes méthodes. Dans la littérature deux approches existent: les approches logicielles et les approches matérielles. Les approches logicielles peuvent fournir une large et rapide couverture, mais ne garantissent pas la présence de vulnérabilité dans le système. Les approches matérielles sont incontestables dans leurs résultats, mais nécessitent l’utilisation de matériaux assez coûteux et un savoir-faire approfondi, qui ne permet tout de même pas dans la majorité des cas de confirmer le modèle de faute représentant l'effet créé. Dans un premier lieu, cette thèse se concentre sur l'approche logicielle et propose une approche automatisée qui emploie les techniques de la vérification formelle pour détecter des vulnérabilités créées par injection de faute au niveau binaire. L'efficacité de cette approche est montrée en l'appliquant à des algorithmes de cryptographie implémentés dans les systèmes embarqués. Dans un second lieu, cette thèse établit un rapprochement entre les deux approches logicielles et matérielles sur la détection de vulnérabilité d'injection de faute en comparant les résultats des expériences des deux approches. Ce rapprochement des deux approches démontre que: toutes les vulnérabilités détectées par l'approche logicielle ne peuvent pas être reproduites dans le matériel; les conjectures antérieures sur le modèle de faute par des attaques d'impulsion électromagnétique ne sont pas précises ; et qu’il y a un lien entre les résultats de l’approche logicielle et l'approche matérielle. De plus, la combinaison des deux approches peut rapporter une approche plus précise et plus efficace pour détecter les vulnérabilités qui peuvent être créées par injection de faute. / Fault injection is a well known method to test the robustness and security vulnerabilities of systems. Detecting fault injection vulnerabilities has been approached with a variety of different but limited methods. Software-based and hardware-based approaches have both been used to detect fault injection vulnerabilities. Software-based approaches can provide broad and rapid coverage, but may not correlate with genuine hardware vulnerabilities. Hardware-based approaches are indisputable in their results, but rely upon expensive expert knowledge, manual testing, and can not confirm what fault model represent the created effect. First, this thesis focuses on the software-based approach and proposes a general process that uses model checking to detect fault injection vulnerabilities in binaries. The efficacy and scalability of this process is demonstrated by detecting vulnerabilities in different cryptographic real-world implementations. Then, this thesis bridges software-based and hardware-based fault injection vulnerability detection by contrasting results of the two approaches. This demonstrates that: not all software-based vulnerabilities can be reproduced in hardware; prior conjectures on the fault model for electromagnetic pulse attacks may not be accurate; and that there is a relationship between software-based and hardware-based approaches. Further, combining both software-based and hardware-based approaches can yield a vastly more accurate and efficient approach to detect genuine fault injection vulnerabilities. Injection de faute Détection de vulnérabilité Model checking Méthodes formelles Fault Injection Vulnerability Detection Model Checking Formal Methods
52	Aportaciones a la tolerancia a fallos en microprocesadores bajo efectos de la radiación Isaza-González, José 16 July 2018 (has links) El funcionamiento correcto de un sistema electrónico, aún bajo perturbaciones y fallos causados por la radiación, ha sido siempre un factor crucial en aplicaciones aeroespaciales, médicas, nucleares, de defensa, y de transporte. La tolerancia de estos sistemas, o de los componentes que los integran, a fallos de tipo Single Event Effects (SEEs), es un tema de investigación importante y una característica imprescindible de cualquier sistema utilizado, no solo en aplicaciones críticas, sino también en las aplicaciones del día a día. Por esta razón, las aplicaciones de estos sistemas requieren, cada vez más, herramientas, métricas y parámetros específicos que permitan evaluar la tolerancia a fallos; y a su vez, permitan guiar el proceso para aplicar de forma eficiente los mecanismos de protección utilizados para la mitigación de estos fallos. En este contexto, esta tesis doctoral presenta una herramienta de inyección de fallos y la metodología para la realización de campañas de inyección de fallos tipo Single Event upset (SEU) en procesadores Commercial Off-The-Shelf (COTS) y a través de plataformas de emulación/simulación. Esta herramienta aprovecha las ventajas que ofrecen las infraestructuras de depuración de hardware tales como On-Chip Debugging (OCD), y el depurador estándar de GNU (GDB) para la ejecución y depuración de los casos de estudio. También, se analiza la posibilidad de utilizar un modelo descrito en HDL (Hardware Description Language) del procesador MSP430 de Texas Instruments para estimar la fiabilidad de las aplicaciones al principio de la fase de desarrollo. Se utilizan diferentes métodos de inyección de fallos que muestran las ventajas que ofrece la emulación FPGA en comparación con las campañas de inyección llevadas a cabo en los dispositivos reales. La vulnerabilidad del banco de registros se compara y analiza por cada uno de sus registros. Por otro lado, esta memoria de tesis presenta una métrica para la aplicación eficiente del endurecimiento selectivo basada en software, que hemos llamado SHARC (Software based HARdening Criticality). Adicionalmente, también presenta un método para guiar el proceso de endurecimiento según la clasificación generada por la métrica SHARC. De esta forma, se logra proteger los recursos internos del procesador, obteniendo una cobertura máxima de fallos con los mínimos sobrecostes de protección (overheads). Esto permite diseñar sistemas confiables a bajo coste, logrando obtener un punto óptimo entre los requisitos de confiabilidad y las restricciones de diseño, evitando el uso excesivo de costosos mecanismos de protección (hardware y software). Microprocessor reliability Fault injection Soft error Radiation effects fault tolerance
53	Developing for Resilience: Introducing a Chaos Engineering tool Monge Solano, Ignacio, Matók, Enikő January 2020 (has links) Software complexity continues to accelerate, as new tools, frameworks, and technologiesbecome available. This, in turn, increases its fragility and liability. Despite the amount ofinvestment to test and harden their systems, companies still pay the price of failure. Towithstand this fast-paced development environment and ensure software availability, largescalesystems must be built with resilience in mind. Chaos Engineering is a new practicethat aims to assess some of these challenges. In this thesis, the methodology, requirements,and iterations of the system design and architecture for a chaos engineering tool arepresented. In a matter of only a couple of months and the working hours of two engineers, itwas possible to build a tool that is able to shed light on the attributes that make the targetedsystem resilient as well as the weaknesses in its failure handling mechanisms. This toolgreatly reduces the otherwise manual testing labor and allows software engineering teamsto find potentially costly failures. These results prove the benefits that many companiescould experience in their return of investment by adopting the practice of ChaosEngineering. chaos engineering fault injection resilience testing distributed systems Engineering and Technology Teknik och teknologier
54	Méthodes logicielles formelles pour la sécurité des implémentations de systèmes cryptographiques / Formal sofwtare methods for cryptosystems implementation security Rauzy, Pablo 13 July 2015 (has links) Les implémentations cryptographiques sont vulnérables aux attaques physiques, et ont donc besoin d'en être protégées. Bien sûr, des protections défectueuses sont inutiles. L'utilisation des méthodes formelles permet de développer des systèmes tout en garantissant leur conformité à des spécifications données. Le premier objectif de ma thèse, et son aspect novateur, est de montrer que les méthodes formelles peuvent être utilisées pour prouver non seulement les principes des contre-mesures dans le cadre d'un modèle, mais aussi leurs implémentations, étant donné que c'est là que les vulnérabilités physiques sont exploitées. Mon second objectif est la preuve et l'automatisation des techniques de protection elles-même, car l'écriture manuelle de code est sujette à de nombreuses erreurs, particulièrement lorsqu'il s'agit de code de sécurité. / Implementations of cryptosystems are vulnerable to physical attacks, and thus need to be protected against them. Of course, malfunctioning protections are useless. Formal methods help to develop systems while assessing their conformity to a rigorous specification. The first goal of my thesis, and its innovative aspect, is to show that formal methods can be used to prove not only the principle of the countermeasures according to a model, but also their implementations, as it is where the physical vulnerabilities are exploited. My second goal is the proof and the automation of the protection techniques themselves, because handwritten security code is error-prone. Cryptologie Méthodes formelles Canal auxiliaire Injections de fautes Cryptology Formal methods Side-channel Fault injection
55	ETFIDS: Efficient Transient Fault Injection and Detection System Tian, Ninghan January 2018 (has links) No description available. Electrical Engineering Fault-injection dependable system fault-tolerant system fault error latency coverage
56	Investigating the Effectiveness of Forward-Porting Bugs Nyquist, Fredrik January 2023 (has links) This research investigates the effectiveness of the forward-porting approach employed in the Magma framework as a fault injection technique for evaluating fuzzers. The study aims to assess the use of Proof-of-Concepts in reproducing crashes in CVEs and evaluate the feasibility of forward-porting vulnerabilities into later software versions. An experiment was conducted using three selected open-source libraries to explore whether vulnerabilities could be triggered or reached in the latest versions through the forward-porting approach. The findings suggest that the forward-porting approach may not be the most effective method for injecting vulnerabilities into software systems. Out of the 22 chosen CVEs for analysis, only one could be triggered and two could be reached using the forward-porting approach. This indicates that many of the injected vulnerabilities become obsolete or have unsatisfiable trigger conditions in later versions. Additionally, manual verification of these vulnerabilities have been found to be time-consuming and challenging. Further research is necessary to provide a comprehensive evaluation of the effectiveness of the forward-porting approach in vulnerability injection. Fuzzing Fuzz testing Forward-porting Fault injection Magma Umeå University Software Engineering Programvaruteknik
57	An Evaluation of Soft Processors as a Reliable Computing Platform Gardiner, Michael Robert 01 July 2015 (has links) (PDF) This study evaluates the benefits and limitations of soft processors operating in a radiation-hardened FPGA, focusing primarily on the performance and reliability of these systems. FPGAs designs for four popular soft processors, the MicroBlaze, LEON3, Cortex-M0 DesignStart, and OpenRISC 1200 are developed for a Virtex-5 FPGA. The performance of these soft processor designs is then compared on ten widely-used benchmark programs. Benchmarking results indicate that the MicroBlaze has the best integer performance of the soft processors, with at least 2.23X better performance on average than the other three processors. However, the LEON3 has the best floating-point performance, with benchmark scores 8.9X higher on average than its competitors.The soft processors' performance is also compared against estimated benchmark scores for a radiation-hardened processor, the RAD750. We find the average performance of the RAD750 to be 2.58X better than the best soft processor scores on each benchmark, although the best soft processor scores were higher on two benchmarks. The soft processors' inability to compete with the performance of the decade-old RAD750 illustrates the substantial performance gap between hard and soft processor architectures. Although soft processors are not capable of competing with rad-hard processors in performance, the flexibility they provide nevertheless makes them a desirable option for space systems where speed is not the key issue.Fault injection experiments are also completed on three of the soft processors to evaluate their configuration memory sensitivity. Our results demonstrate that the MicroBlaze is less sensitive than the LEON3 and the Cortex-M0 DesignStart, but that the LEON3 has lower sensitivity per FPGA slice than the other processors. A combined metric for soft processor performance and configuration sensitivity is then developed to aid future researchers in evaluating the trade-offs between these two distinct processor attributes. soft processor radiation-hardened processor benchmarking fault injection Electrical and Computer Engineering
58	Duplicate with Choose: Using Statistics for Fault Mitigation Anderson, Jon-Paul 01 June 2016 (has links) This dissertation presents a novel technique called duplicate with choose (DWCh) which is a modification of the fault detection technique duplicate with compare (DWC). DWCh adds a smart decider block to DWC that monitors the duplicated circuits and decides which circuit is fault free when a fault occurs. If chosen correctly, DWCh is able to mask faults at a lower cost than conventional techniques like TMR.This dissertation derives reliability expressions for DWCh showing that under ideal conditions its reliability exceeds the most commonly used fault masking technique for spacecraft, triple modular redundancy. For non-ideal conditions, DWCh provides a lower cost alternative than TMR but with lower reliability as well. Three types of DWCh smart deciders were developed for use with digital communications receivers. The first type used histograms as the statistical basis for the decider. The second type made use of moments for decision. The third type, although not generally applicable to other systems, used a signal common to communications receivers with excellent results. The communications receivers were subjected to hardware fault injection to gather datastreams affected by real world faults. The captured datastreams were used with Simulink models of the different deciders to quantify their performance and discover how a practical implementation of DWCh differs from the theoretical model. The increase in mean time to failure for DWCh when compared to simplex ranged from 20x to 130x depending on the specific smart decider tested. reliability fault mitigation fault injection concurrent error detection DWC DWCh FPGA Electrical and Computer Engineering Engineering
59	Model-based dependability analysis: State-of-the-art, challenges, and future outlook Sharvia, S., Kabir, Sohag, Walker, M., Papadopoulos, Y. 21 October 2019 (has links) No Behavioural fault injection Failure logic modelling Model-based dependability analysis Safety analysis System design
60	High Speed Clock Glitching Desiraju, Santosh 18 February 2015 (has links) No description available. Electrical Engineering Engineering Fault Injection Clock glitching Hardware attacks RSA High-speed clock ARM Cortex-M4

Search results