Building fault models for microcontrollers - Albert Spruyt

SLIDE 1

Building fault models for microcontrollers

Albert Spruyt aspruyt@os3.nl

University of Amsterdam

July 5, 2012

SLIDE 2

Introduction

Goal: Create a method to model the effects of voltage glitches on microcontrollers.

Voltage glitching: Introduction of faults by controlling voltages.

Talk will focus on results instead of methodology.

SLIDE 3

Applications

Control over running code:

  • Bypassing PIN/password protection
  • Key retrieval
  • Extraction of firmware
  • Retrieval of user data for evidence

SLIDE 4

Investigation process

Figure: Investigation process (Source: Dr. M. Worring)

SLIDE 5

Setup

Figure: Setup schematic

SLIDE 6

Target

Atmel XMEGA64A3

  • 8-bit data path
  • RISC architecture
  • Harvard architecture
  • Two stage pipeline
  • Clock speed of up to 32 MHz

Figure: XMEGA A3 (Source: mcuzone.com)

SLIDE 7

Timing profile

Figure: Independent glitch profile. (Red: glitch signal; Blue: Vcc)

SLIDE 8

Instrumentation

  • Initialize peripherals/variables
  • Set trigger
  • Critical section/test
  • Clear trigger
  • Send state:
      • General purpose registers
      • Status register
      • Stack pointer
      • Memory

SLIDE 9

Instruction/glitch timing

Figure: Glitch timing and instruction execution

SLIDE 10

Instructions

  • ALU operations
  • Flow control
  • Load and store

SLIDE 11

Results: ALU Operations

Not executed
Corrupted registers
  • Different registers
  • Lower registers
Registers initialized to zero
High chance of a zero result

SLIDE 12

Results: Flow control

Not executed
Unexpected branches
To different location
  • Jump is smaller
  • Always forwards

SLIDE 13

Results: Load and store

Not executed
Incorrect address
  • Lower address
  • Sometimes not from SRAM
Memory initialized to zero

SLIDE 14

Fault model

Glitches are more likely to:

  • Affect the fetch stage
  • Jump forward
  • Use a lower register
  • Use lower memory address
  • Transition 1 bits to 0

Figure: Multiply instruction encoding
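Added example (not from the talk or the paper): a small C model of how the "transition 1 bits to 0" and "use a lower register" observations fit together for the multiply instruction. It assumes the standard AVR encoding of MUL Rd,Rr (1001 11rd dddd rrrr), models the fault as the fetched word losing any non-empty subset of its 1 bits, and uses MUL r20, r21 as a constructed sample; the function and struct names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* AVR "MUL Rd,Rr" is encoded as 1001 11rd dddd rrrr (AVR instruction set). */
static uint16_t mul_encode(unsigned rd, unsigned rr) {
    return (uint16_t)(0x9C00u | ((rr & 0x10u) << 5) | ((rd & 0x1Fu) << 4) | (rr & 0x0Fu));
}
static int is_mul(uint16_t op)      { return (op & 0xFC00u) == 0x9C00u; }
static unsigned mul_rd(uint16_t op) { return (op >> 4) & 0x1Fu; }
static unsigned mul_rr(uint16_t op) { return ((op >> 5) & 0x10u) | (op & 0x0Fu); }

struct tally {
    unsigned faulted;    /* distinct words reachable by clearing >= 1 set bit */
    unsigned still_mul;  /* of those, words that still decode as MUL */
    unsigned rd_lower;   /* MUL words whose Rd is lower than intended */
    unsigned rr_lower;   /* MUL words whose Rr is lower than intended */
    unsigned raised;     /* MUL words where a register number went up */
    unsigned nop;        /* words equal to 0x0000, the AVR NOP encoding */
};

/* Assumed fault: the fetched word loses any non-empty subset of its 1 bits. */
static struct tally sweep(unsigned rd, unsigned rr) {
    const uint16_t op = mul_encode(rd, rr);
    struct tally t = {0, 0, 0, 0, 0, 0};
    uint16_t f = op;
    while (f != 0) {
        f = (uint16_t)((f - 1u) & op);   /* next smaller subset of op's set bits */
        t.faulted++;
        if (f == 0x0000u) t.nop++;
        if (!is_mul(f)) continue;
        t.still_mul++;
        if (mul_rd(f) < rd) t.rd_lower++;
        if (mul_rr(f) < rr) t.rr_lower++;
        if (mul_rd(f) > rd || mul_rr(f) > rr) t.raised++;
    }
    return t;
}

int main(void) {
    struct tally t = sweep(20, 21);      /* constructed sample: MUL r20, r21 */
    printf("opcode 0x%04X: %u faulted words, %u still MUL\n",
           (unsigned)mul_encode(20, 21), t.faulted, t.still_mul);
    printf("Rd lower: %u, Rr lower: %u, raised: %u, NOP: %u\n",
           t.rd_lower, t.rr_lower, t.raised, t.nop);
    return 0;
}
```

Under this assumption a register field can only keep its value or decrease, so every faulted word that still decodes as MUL addresses a lower register, and none addresses a higher one.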

SLIDE 15

Attack model

  • Do not execute instructions
  • Jump to a different location
  • Corrupt calculations
  • Load/store incorrect values

Example:

    hash = sha1Hash(password);
    if (memcmp(hash, correct, 20) == 0)
        sendFirmware();
    else
        error("incorrect password");

SLIDE 16

Conclusion

  • Create a method for building fault models
  • Method is described in paper
  • XMEGA fault model

SLIDE 17

Questions?
