model on a 32 bit
play

MODEL ON A 32-BIT MICROCONTROLLER Nicolas Moro 1,3 , Amine Dehbaoui - PowerPoint PPT Presentation

Jun 02, 2023 •523 likes •785 views

ELECTROMAGNETIC FAULT INJECTION: TOWARDS A FAULT MODEL ON A 32-BIT MICROCONTROLLER Nicolas Moro 1,3 , Amine Dehbaoui 2 , Karine Heydemann 3 , Bruno Robisson 1 , Emmanuelle Encrenaz 3 1 CEA Commissariat lEnergie Atomique et aux Energies

  1. ELECTROMAGNETIC FAULT INJECTION: TOWARDS A FAULT MODEL ON A 32-BIT MICROCONTROLLER Nicolas Moro 1,3 , Amine Dehbaoui 2 , Karine Heydemann 3 , Bruno Robisson 1 , Emmanuelle Encrenaz 3 1 CEA Commissariat à l’Energie Atomique et aux Energies Alternatives 2 ENSM.SE Ecole Nationale Supérieure des Mines de Saint-Etienne 3 LIP6 - UPMC Laboratoire d’Informatique de Paris 6 Université Pierre et Marie Curie FDTC 2013 – AUGUST 20, SANTA BARBARA, USA | PAGE 1

  2. MOTIVATIONS  Security of microcontroller-based embedded systems against fault injection attacks  Target : ARM Cortex-M3 microcontroller  Fault injection means : Pulsed electromagnetic fault injection  Theoretical attacks rely on an attacker’s fault model  Electromagnetic fault injection is quite recent  Very few in-depths studies of the effects on complex systems  Better understanding of the effects of EM fault injection  Detailed fault model at a register-transfer level FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 2

  3. OUTLINE I. Experimental setup II. General approach III. Study of the injection parameters IV. Register-transfer level fault model V. Conclusion FDTC 2013 – Santa Barbara, USA | PAGE 3

  4. FAULT INJECTION ATTACKS Perturbation C M K 010110000110011 Comparison 0110010101100001 110101000101101 Faulty ciphertext  Several physical ways to inject faults into a circuit’s computation  Necessary for an attacker to know the type of injected faults Fault target Data, instructions Fault type Bit flip, reset at 0, set at 1, stuck Granularity Bit, byte, word Determinism Deterministic, metastable, random Temporal aspect Single piece of data/instruction, multiple I – Experimental setup FDTC 2013 – Santa Barbara, USA OCTOBER 9, 2013 | PAGE 4

  5. EXPERIMENTAL SETUP Pulsed electromagnetic fault injection  Transient and local effect of the fault injection  Standard circuits not protected against this technique  Solenoid used as an injection antenna  Up to 200V sent on the injection antenna, pulses width longer than 10ns Microcontroller based on an ARM Cortex-M3 - Frequency 56 MHz -16/32 bits Thumb2 RISC instruction set - ARMv7-M modified Harvard architecture - SWD link to debug the microcontroller I – Experimental setup FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 5

  6. DETAILED EXPERIMENTAL PROTOCOL  Experiment driven by the computer  Execution of a computation on the target device  Sending of a voltage pulse  Stop of the microcontroller  Harvesting of the microcontroller’s internal data  Analysis of the obtained results Main experimental parameters • Position of the injection antenna • Electric parameters of the pulse • Injection time of the pulse • Executed code on the microcontroller I – Experimental setup FDTC 2013 – Santa Barbara, USA | PAGE 6

  7. OUTLINE I. Experimental setup II. General approach III. Study of the injection parameters IV. Register-transfer level fault model V. Conclusion FDTC 2013 – Santa Barbara, USA | PAGE 7

  8. GENERAL APPROACH Exhaustive instruction simulation (finds instructions which could enable to reach B’ from A) Experimental fault B’ (depends on the experimental parameters) Fault injection Initial state Expected state A B Instruction Output pieces of data Detail R0 to R12 General-purpose registers R13 (SP) Stack pointer R14 (LR) Link register R15 (PC) Program counter XPSR Program Status Register - Flags - Details about the triggered interruptions - Details about the execution mode Memory address that contains the calculation’s output Result II – General approach FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 8

  9. SIMULATION OF A FAULT MODEL Instruction skip simulation Experimental measurements  Two lines are equal  R0 to R12 + XPSR + result + SP + PC are equal II – General approach FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 9

  10. SIMULATION OF A FAULT MODEL Example of simulation of a 16-bit instruction replacement  Very long for an exhaustive simulation over the whole instruction set  Two lines are equal  R0 to R12 + XPSR + result are equal II – General approach FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 10

  11. OUTLINE I. Experimental setup II. General approach III. Study of the injection parameters IV. Register-transfer level fault model V. Conclusion FDTC 2013 – Santa Barbara, USA | PAGE 11

  12. INFLUENCE OF THE ANTENNA’S POSITION  Green : hardware interrupts have been triggered  Red : faults on the output value have been obtained t = 0.4 ns t = 1 ns t = 2 ns t = 3.6 ns Frequency 56 MHz – Pulse width 10 ns – Pulse voltage 190V – Period 17ns t = 16.8 t = 18.6 t = 19.2 ns t = 20 ns ns ns  Target instruction : single LOAD instruction that loads 0x12345678 into R8  20 ns time interval, by steps of 200 ps - 3 mm square, by steps of 200 µm  Variable increase of the Hamming weight of the loaded piece of data  No fault on other registers than R8 (except for very few faults on R0) III – Study of the injection parameters FDTC 2013 – Santa Barbara, USA | PAGE 12

  13. INFLUENCE OF THE INJECTION TIME Example of temporal cartography on an addition loop 0xfb 0xf7 0xef 0xdf 0xbf 0x7f 0xfe 0xfd Test program: Observations: loop to sum the elements of an array  One power of two has not been added that contains eight powers of two 3.5 µs, by steps of 200 ps  BusFault or UsageFault interrupts Expected result: 0xFF  Does our fault injection have an effect on the data flow or the control flow ? III – Study of the injection parameters | PAGE 13 FDTC 2013 – Santa Barbara, USA

  14. INFLUENCE OF THE PULSE’S VOLTAGE LDR R4, PC#44 with 0x12345678 at the address PC#44 Pulse voltage Output value Occurrence rate 172V 1234 5678 100 % 174V 9 234 5678 73 % 176V FE 34 5678 30 % 178V FFF 4 5678 53 % 180V FFFD 5678 50 % 182V FFFF 7F 78 46 % 184V FFFF FFFB 40 % 186V FFFF FFFF 100 %  Simulation : corresponds to no instruction replacement  Looks like a set at 1 fault model on the Flash memory data transfers  Possible precharge of the data bus on this architecture III – Study of the injection parameters FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 14

  15. OUTLINE I. Experimental setup II. General approach III. Study of the injection parameters IV. Register-transfer level fault model V. Conclusion FDTC 2013 – Santa Barbara, USA | PAGE 15

  16. FAULTS ON THE CONTROL FLOW  Experiments with a sequence of NOP (BF 00)  Four kinds of faults  Fault on R7  The program does not stop  UsageFault exceptions (Invalid Instruction / No Coprocessor)  Fault on R0  Sometimes a modification of the number of executed cycles  Simulation on the ISA: some instructions can explain the results  Some faults only equivalent to a STR R0, [R0, #0] instruction NOP - BF00 1011 1111 0000 0000 STR R0, [R0, #0] - 6000 0110 0000 0000 0000 NOP - BF00 1011 1111 0000 0000 NOP - BF00 1011 1111 0000 0000 IV – Register-transfer level fault model FDTC 2013 – Santa Barbara, USA | PAGE 16

  17. INSTRUCTION FETCH Normal behaviour IV – Register-transfer level fault model FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 18

  18. INSTRUCTION FETCH With an electromagnetic fault injection IV – Register-transfer level fault model FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 19

  19. DATA LOAD FROM THE FLASH MEMORY Normal behaviour IV – Register-transfer level fault model FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 20

  20. DATA LOAD FROM THE FLASH MEMORY With an electromagnetic fault injection IV – Register-transfer level fault model FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 21

  21. OVERVIEW OF THE DEFINED FAULT MODEL  Possible to fault the transfers from the Flash memory Consequences regarding the instruction flow  Instructions replacements  Instruction skips under certain conditions (~ 20-30% of time)  Some instructions may be more sensitive than others  Some registers seem to be more sensitive than others Consequences regarding the data flow  Corruption of the LOAD instructions from the Flash memory (encryption keys ,…)  Some metastability phenomena, but deterministic under some conditions  Faulty values with higher Hamming weight (on this architecture) IV – Register-transfer level fault model FDTC 2013 – Santa Barbara, USA 9 OCTOBRE 2013 | PAGE 22

  22. OUTLINE I. Experimental setup II. General approach III. Study of the injection parameters IV. Register-transfer level fault model V. Conclusion FDTC 2013 – Santa Barbara, USA | PAGE 23

  23. CONCLUSION AND PERSPECTIVES  A first attempt of fault model for EM fault injection on a 32-bit µC  Corruption of the transfers from the Flash memory on the buses  The obtained effects seem very similar to the ones obtained with clock glitches or other fault injection means  Similar effects obtained previously on a very different architecture (Atmel AVR ATmega128 8-bit microcontroller)  Possibility to perform instruction skips under some specific conditions Perspectives • Use more advanced debug techniques to understand better instruction replacements • Define a higher-level fault model that can be used for theoretical attacks FDTC 2013 – Santa Barbara, USA Conclusion 9 OCTOBRE 2013 | PAGE 24

  24. THANK YOU FOR YOUR ATTENTION Any questions ? FDTC 2013 – Santa Barbara, USA Conclusion 9 OCTOBRE 2013 | PAGE 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Take out your DNA model DNA and the Human Genome DNA Model How was your How was your model

Take out your DNA model DNA and the Human Genome DNA Model How was your How was your model

Take out your DNA model DNA and the Human Genome DNA Model How was your How was your model like actual model different DNA? from actual DNA? How many base pairs were in your DNA model? GENETIC CODE DNA can be written out as a code.

319 views • 30 slides
How Time Variability of Testing the Model Current Map with 8 . . . Testing the Model . . .

How Time Variability of Testing the Model Current Map with 8 . . . Testing the Model . . .

How Temperatures . . . A Model (cont-d) Model: Final Formulas How Time Variability of Testing the Model Current Map with 8 . . . Testing the Model . . . Temperature Depends on a Testing the Model: . . . Testing the Model: . . . Spatial

493 views • 9 slides
MODEL SELECTION AND REGULARISATION MODEL SELECTION ESTIMATING THE ACCURACY OF THE MODEL We

MODEL SELECTION AND REGULARISATION MODEL SELECTION ESTIMATING THE ACCURACY OF THE MODEL We

MODEL SELECTION AND REGULARISATION MODEL SELECTION ESTIMATING THE ACCURACY OF THE MODEL We train the model with available data, and we will make predictions on unseen examples. Why do we need to estimate the accuracy of our model?

711 views • 14 slides
Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model

Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model

Fredrik Jansson Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model Schelling 1971 ncase.me/polygons The Segregation Model The Segregation Model The Dissemination of Culture Model Axelrod 1997 The

589 views • 26 slides
OSI MODEL Maninder Kaur www.eazynotes.com Introduction to OSI Model

OSI MODEL Maninder Kaur www.eazynotes.com Introduction to OSI Model

1 OSI MODEL Maninder Kaur www.eazynotes.com Introduction to OSI Model 2 OSI model is based on the proposal developed by the International Standards Organization (ISO). This model is called ISO OSI (Open

473 views • 30 slides
Help Me Talk. Model, Wait, Use Visuals, Play! Model. Say and show! Model verbally, but

Help Me Talk. Model, Wait, Use Visuals, Play! Model. Say and show! Model verbally, but

Help Me Talk. Model, Wait, Use Visuals, Play! Model. Say and show! Model verbally, but show the key words on the communication board. Dont expect your child to respond or request every time you model. They are taking it all in!

383 views • 12 slides
The Relational Model Murali Mani Why Relational Model? Currently the most widely used

The Relational Model Murali Mani Why Relational Model? Currently the most widely used

The Relational Model Murali Mani Why Relational Model? Currently the most widely used Vendors: Oracle, Microsoft, IBM Older models still used IBMs IMS (hierarchical model) Recent competitions Object Oriented Model:

469 views • 16 slides
The Multilevel Change Model James H. Steiger Department of Psychology and Human Development

The Multilevel Change Model James H. Steiger Department of Psychology and Human Development

Introduction The General Polynomial Growth Model A Linear Growth Model An Example Early Childhood Intervention Multilevel Modeling Results Plotting Model Trends Examining Model Assumptions The Multilevel Change Model James H. Steiger

555 views • 41 slides
Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
ARC Activity-Based Model What is going on? Model User Group March 21, 2019 ARC Model Planned

ARC Activity-Based Model What is going on? Model User Group March 21, 2019 ARC Model Planned

ARC Activity-Based Model What is going on? Model User Group March 21, 2019 ARC Model Planned 2019 Activities Documentation: Finalize conversion to online format and transition to model storage in GitHub Automated QC process scanning

376 views • 8 slides
Software Is Details @KevlinHenney Any program is a model of a model within a theory of a model

Software Is Details @KevlinHenney Any program is a model of a model within a theory of a model

Software Is Details @KevlinHenney Any program is a model of a model within a theory of a model of an abstraction of some portion of the world or of some universe of discourse. Meir M Lehman "Programs, Life Cycles, and Laws of Software

1.23k views • 75 slides
75% Location profiler 85% Flow profiler Real user behavior 52% APs assignment algorithm

75% Location profiler 85% Flow profiler Real user behavior 52% APs assignment algorithm

T HESIS OBJECTIVES Static Canopy Model (SCM); Dynamic Canopy Model (DCM); Enhanced Static Trunk and Ground(ESTG) model; Combination of individual models into a generic doubly-selective 3D vegetation model; Final model

137 views • 12 slides
1. Can we use the CFN model for morphological traits? 2. Can we use something like the GTR model

1. Can we use the CFN model for morphological traits? 2. Can we use something like the GTR model

1. Can we use the CFN model for morphological traits? 2. Can we use something like the GTR model for morphological traits? 3. Stochastic Dollo. 4. Continuous characters. M k models k -state variants of the Jukes-Cantor model all rates

298 views • 14 slides
What is a model? A model is a representation of something. It captures not all attributes of the

What is a model? A model is a representation of something. It captures not all attributes of the

09/04/2018 What is a model? A model is a representation of something. It captures not all attributes of the represented thing, but rather only those that are relevant for a specific purpose. Confusing a model with reality would be like going

201 views • 18 slides
Next Generation ACO Model Model Overview Presentation March 17, 201 5 Agenda Model Overview

Next Generation ACO Model Model Overview Presentation March 17, 201 5 Agenda Model Overview

Next Generation ACO Model Model Overview Presentation March 17, 201 5 Agenda Model Overview Beneficiary Engagement Principles, Scope, and General Alignment Approach Voluntary Alignment Financial Model Benefit

784 views • 47 slides
Next Generation ACO Model Model Overview Presentation March 24 , 201 5 Agenda Model Overview

Next Generation ACO Model Model Overview Presentation March 24 , 201 5 Agenda Model Overview

Next Generation ACO Model Model Overview Presentation March 24 , 201 5 Agenda Model Overview Beneficiary Engagement Principles, Scope, and General Alignment Approach Voluntary Alignment Financial Model Benefit

1.24k views • 47 slides
FAULT ATTACKS ON TWO SOFTWARE COUNTERMEASURES Nicolas Moro 1,3 , Karine Heydemann 3 , Amine

FAULT ATTACKS ON TWO SOFTWARE COUNTERMEASURES Nicolas Moro 1,3 , Karine Heydemann 3 , Amine

FAULT ATTACKS ON TWO SOFTWARE COUNTERMEASURES Nicolas Moro 1,3 , Karine Heydemann 3 , Amine Dehbaoui 2 , Bruno Robisson 1 , Emmanuelle Encrenaz 3 1 CEA Commissariat lEnergie Atomique et aux Energies Alternatives 2 ENSM.SE Ecole Nationale

456 views • 22 slides
Merging of Exceptional Points in Classical Waves: Acoustics and photonic crystals Kun Ding ,

Merging of Exceptional Points in Classical Waves: Acoustics and photonic crystals Kun Ding ,

Merging of Exceptional Points in Classical Waves: Acoustics and photonic crystals Kun Ding , Guancong Ma, Meng Xiao, Z. Q. Zhang, and C. T. Chan Department of Physics and Institute for Advanced Study, The Hong Kong University of Science and

665 views • 32 slides
Hybrid Quantum Mechanics / Molecular Mechanics (QM/MM) Approaches - Partitioning the system:

Hybrid Quantum Mechanics / Molecular Mechanics (QM/MM) Approaches - Partitioning the system:

Hybrid Quantum Mechanics / Molecular Mechanics (QM/MM) Approaches - Partitioning the system: QM/MM Hamiltonian and calculation of forces Mauro Boero Institut de Physique et Chimie des Matriaux de Strasbourg University of Strasbourg - CNRS,

659 views • 33 slides
On NP-Hardness of the Paired de Bruijn Sound Cycle Problem Fedor Tsarev Evgeny Kapun Genome

On NP-Hardness of the Paired de Bruijn Sound Cycle Problem Fedor Tsarev Evgeny Kapun Genome

On NP-Hardness of the Paired de Bruijn Sound Cycle Problem Fedor Tsarev Evgeny Kapun Genome Assembly Algorithms Laboratory University ITMO, St. Petersburg, Russia September 2, 2013 Genome assembly models Shortest common superstring

604 views • 21 slides
RNA: A molecule for many uses seen with the eyes of a physicist Peter Schuster Institut fr

RNA: A molecule for many uses seen with the eyes of a physicist Peter Schuster Institut fr

RNA: A molecule for many uses seen with the eyes of a physicist Peter Schuster Institut fr Theoretische Chemie, Universitt Wien, Austria and The Santa Fe Institute, Santa Fe, New Mexico, USA CAS-MPG Partner Institute for Computational

1.08k views • 79 slides
Kinetic Folding and Evolution of RNA Peter Schuster Institut fr Theoretische Chemie,

Kinetic Folding and Evolution of RNA Peter Schuster Institut fr Theoretische Chemie,

Kinetic Folding and Evolution of RNA Peter Schuster Institut fr Theoretische Chemie, Universitt Wien, Austria and The Santa Fe Institute, Santa Fe, New Mexico, USA Biophysik Kolloquium Humboldt-Universitt Berlin, 05.07.2006 Recent

1.14k views • 100 slides
Data Requirement for Species Tree from Multiple Gene Trees (Dasarathy, Nowak, Roch 2015) Daewon

Data Requirement for Species Tree from Multiple Gene Trees (Dasarathy, Nowak, Roch 2015) Daewon

Data Requirement for Species Tree from Multiple Gene Trees (Dasarathy, Nowak, Roch 2015) Daewon Seo Mar. 14. 2017 Introduction Incomplete Lineage Sorting (ILS), . Gene tree topologies could be different from species tree Two

237 views • 11 slides
Project L.A.K.E. Logging of Acoustic Keyboard Emanations Team A2: Ronit Banerjee, Kevin

Project L.A.K.E. Logging of Acoustic Keyboard Emanations Team A2: Ronit Banerjee, Kevin

Project L.A.K.E. Logging of Acoustic Keyboard Emanations Team A2: Ronit Banerjee, Kevin DeVincentis, James Zhang Using Sound as a Keylogger Determine what a person is typing based on the sound of their keystrokes Exploit small

821 views • 12 slides

More recommend