This research investigates an important class of hardware attacks against embedded software, which uses fault injection as a hacking tool. Fault attacks use well-chosen, targeted fault injection combined with clever system response analysis to break the security of a system.
In the case of a fault attack on embedded software, faults are injected into the underlying processor hardware and their effects are observed in the executed software's output. This introduces an additional difficulty in mitigating fault attack risk. Designing efficient countermeasures requires first understanding the software, instruction-set, and hardware-level components of fault attacks, and then systematically addressing the vulnerabilities at each level.
This research first proposes an instruction fault sensitivity model to capture the effects of fault injection on embedded software. Based on the instruction fault sensitivity model, a novel fault attack method called MAFIA (Micro-architecture Aware Fault Injection Attack) is also introduced. MAFIA exploits the vulnerabilities in multiple abstraction layers. This enables an adversary to determine the best points to attack during execution as well as to pinpoint the desired fault effects. It has been shown that MAFIA breaks the existing countermeasures with significantly fewer fault injections than traditional fault attacks.
Another contribution of the research is a fault attack simulator, MESS (Micro-architectural Embedded System Simulator). MESS enables a user to model hardware, instruction-set, and software level components of fault attacks in a simulation environment. Thus, software designers can use MESS to evaluate their programs against several real-world fault attack scenarios.
The final contribution of this research is the fault-attack-resistant FAME (Fault-attack Aware Microprocessor Extensions) processor, which is suited for embedded, constrained systems. FAME combines fault detection in hardware and fault response in software. This allows low-cost, performance-efficient, flexible, and backward-compatible integration of hardware and software techniques to mitigate fault attack risk. FAME has been designed as an architectural concept as well as implemented as a chip prototype. In addition to protection mechanisms, the chip prototype also includes fault injection and analysis features to ease fault attack research.
The findings of this research indicate that considering multiple abstraction layers together is essential for efficient fault attacks, countermeasures, and evaluation techniques.
Ph. D.
Today, we trust a range of embedded computers to process and protect our sensitive data. For instance, credit cards process sensitive financial data during electronic payment. Similarly, smartphones use and store private user data. This research investigates fault attacks, a serious threat to the security of embedded computers.
In a fault attack, an adversary breaches the security by injecting intentional faults in an embedded computer. To induce faults, the adversary deliberately manipulates the operating conditions of the computer such as the supply voltage and ambient temperature. These faults interfere with the correct operation of the computer and cause temporary malfunctions in its hardware. The adversary then exploits the malfunctions to break the security.
Although fault injection is a powerful hacking tool that may affect any security mechanism, there is no generic technique to deal with the security threat of faults. This research seeks a broader, deeper understanding of fault attacks and appropriate countermeasures for them. Our contributions include a novel fault modeling method, efficient fault attacks, a fault attack simulator, and a low-cost fault-attack-aware microprocessor. This research also provides a deeper understanding of causes and effects of faults, which can be utilized in the design of fault attacks, countermeasures, and metrics.
Identifier | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/81824 |
Date | 16 January 2018 |
Creators | Yuce, Bilgiday |
Contributors | Electrical and Computer Engineering, Schaumont, Patrick R., Nazhandali, Leyla, Yao, Danfeng (Daphne), Patterson, Cameron D., Hsiao, Michael S. |
Publisher | Virginia Tech |
Source Sets | Virginia Tech Theses and Dissertation |
Detected Language | English |
Type | Dissertation |
Format | ETD, application/pdf |
Rights | In Copyright, http://rightsstatements.org/vocab/InC/1.0/ |