Talk Title:

Security Property-driven Fault Injection Assessment in Modern SoCs

Abstract:

System-on-chips (SoCs) are prevalent in any computing devices deployed to military and space applications, mobile applications, financial systems, transportations, even household appliances. SoCs are subject to an array of attacks, namely information leakage, side-channel leakage, fault injection, physical attacks, and more. Among them, fault injection attacks, though immensely powerful, have unfortunately received the least attention from the community. In a fault-injection attack, the faults are intentionally injected in a system to compromise the security by causing the denial of service, or violating the confidentiality/integrity of the system, mainly by establishing illegal authentication or facilitating leakage of secrets in the system. Fault-injection attacks are major concerns due to their powerful capability in tampering with critical locations in a device. Fault-injection attacks can be non-invasive (e.g., clock glitching or voltage glitching), semi-invasive (e.g., local heating or laser), or invasive (e.g., focused ion beam), which can be carried out by a variety of techniques and instruments with different cost and precision. Various forms of fault-injection attacks have been successfully demonstrated by researchers as well as practitioners in the industry on many security-critical applications, including AES, DES, and RSA encryption algorithms, error correction code, radio-frequency identification, virtual machines, microcontrollers, as well as analog sensors. Researchers have proposed an array of physical or architectural countermeasures against fault-injection attacks. However, these techniques usually come with large overhead and design efforts making them difficult to use in practice. In addition, the current electronic design automation (EDA) tools are not fully equipped to support vulnerability assessment against fault-injection attacks. Therefore, there is a critical need for a fault-injection assessment framework to automatically assess the resiliency of hardware designs toward various fault-injection attacks. In this talk, I present an automated framework for fault-injection vulnerability assessment of designs at pre-silicon while considering the design-specific security properties using novel models and metrics. Our framework will be driven by a set of pre-defined security properties. Hence, it will identify the most vulnerable locations to fault-injection attacks in the design so that by protecting these locations, no security properties would be violated. As a result, applying local countermeasures will be more effective, and the protection overhead will be reduced significantly.

Speaker Bio:

Farimah Farahmandi is an assistant professor in the Department of Electrical and Computer Engineering at the University of Florida. She received her Ph.D. from the Department of Computer and Information Science and Engineering at the University of Florida, 2018. She received her B.S. and M.S. from the Department of Electrical and Computer Engineering at the University of Tehran, Iran in 2010 and 2013, respectively. Her research interests include the computer-aided design for hardware security, formal verification, and post-silicon validation and debug. Her research has resulted in three books, ten book chapters, and several publications in premier ACM/IEEE journals and conferences. She currently serves as an Associate Editor of IET Computers & Digital Techniques. She also has served on many technical program committees as well as organizing committees of premier ACM and IEEE conferences. Her research has been sponsored by SRC, AFRL, DARPA, DOD, Analog Devices, Ansys, and Cisco Systems. She is a member of IEEE and ACM.