Browsing by Author "Yuce, Bilgiday"
Now showing 1 - 2 of 2
Results Per Page
Sort Options
- Fault Attacks on Embedded Software: New Directions in Modeling, Design, and MitigationYuce, Bilgiday (Virginia Tech, 2018-01-16)This research investigates an important class of hardware attacks against embedded software, which uses fault injection as a hacking tool. Fault attacks use well-chosen, targeted fault injection combined with clever system response analysis to break the security of a system. In case of a fault attack on embedded software, faults are injected into the underlying processor hardware and their effects are observed in the executed software's output. This introduces an additional difficulty in mitigation of fault attack risk. Designing efficient countermeasures requires first understanding software, instruction-set, and hardware level components of fault attacks, and then, systematically addressing the vulnerabilities at each level. This research first proposes an instruction fault sensitivity model to capture effects of fault injection on embedded software. Based on the instruction fault sensitivity model, a novel fault attack method called MAFIA (Micro-architecture Aware Fault Injection Attack) is also introduced. MAFIA exploits the vulnerabilities in multiple abstraction layers. This enables an adversary to determine best points to attack during the execution as well as pinpoint the desired fault effects. It has been shown that MAFIA breaks the existing countermeasures with significantly fewer fault injections than the traditional fault attacks. Another contribution of the research is a fault attack simulator, MESS (Micro-architectural Embedded System Simulator). MESS enables a user to model hardware, instruction-set, and software level components of fault attacks in a simulation environment. Thus, software designers can use MESS to evaluate their programs against several real-world fault attack scenarios. The final contribution of this research is the fault-attack-resistant FAME (Fault-attack Aware Microprocessor Extensions) processor, which is suited for embedded, constrained systems. FAME combines fault detection in hardware and fault response in software. This allows low-cost, performance-efficient, flexible, and backward-compatible integration of hardware and software techniques to mitigate fault attack risk. FAME has been designed as an architectural concept as well as implemented as a chip prototype. In addition to protection mechanisms, the chip prototype also includes fault injection and analysis features to ease fault attack research. The findings of this research indicate that considering multiple abstraction layers together is essential for efficient fault attacks, countermeasures, and evaluation techniques.
- Microprocessor fault detection and response system(United States Patent and Trademark Office, 2019-10-22)Aspects disclosed in the detailed description include a microprocessor fault detection and response system. The microprocessor fault detection and response system utilizes a hardware-based fault-attack aware microprocessor extension (FAME) and a software-based trap handler for detecting and responding to a fault injection on a microprocessor. Upon detecting the fault injection, the hardware FAME switches the microprocessor from a normal mode to a safe mode and instructs the microprocessor to invoke the software-based trap handler in the safe mode. The hardware-based FAME provides fault recovery information to the software-based trap handler via a fault recovery register (FRR) for restoring the microprocessor to a fault-free state. By utilizing a combination of the hardware-based FAME and the software-based trap handler, it is possible to effectively protect the microprocessor from malicious fault attacks without significantly increasing performance and area overheads.