FAME Fault Injection Assessment and Mitigation of Microelectronics at Pre-silicon

Abstract

Any security breach in U.S. military and naval electronic systems could critically hinder DoD mission objectives and endanger lives. The backbone of such systems is system-on-chips (SoCs), all highly vulnerable to diverse forms of physical and non-physical attacks namely information leakage, side-channel leakage, fault injection, physical attacks, rowhammer, and more. These attacks can effectively bypass the security mechanisms built in the hardware designs and put systems at risk. Among them, fault-injection attacks havebecome a major concern due to their powerful capability in tampering with critical locations in a device and ability for extractingsecrets, irrespective of the mathematical strength of the implemented security mechanisms.In a fault-injection attack, the faults are intentionally injected into a system to compromise the security by causing confidentiality or integrity violations, mainly by facilitating leakage of secrets in the system. Such attacks can be carried out by a variety of techniques and instruments with different costs and precision. Due to the low cost and accessibility of non-invasive (e.g., clock/voltage glitching or electromagnetic pulses) and semi-invasive (e.g., laser beams) techniques, they have been widely used by attackers to target the security of hardware systems. Many successful fault-injection attacks have been demonstrated on several security-critical applications, including AES, DES, and RSA encryption engines as well as Intel SGX. Researchers have proposed an array of physical or architectural countermeasures against fault-injection attacks. However, they usually come with large overhead and design efforts making them difficult to use in practice. In addition, the current electronic design automation tools are not equipped to support vulnerability assessment against fault-injection attacks. To perform a pre-silicon evaluation of such attacks, a designer must perform a tedious manual design review, which is time-consuming and error prone. Therefore, there is a critical need for an automatic assessment framework to evaluate the resiliency of hardware designs at pre-silicon stages against various fault-injection attacks.In this project, we propose to develop innovative models and metrics for fault-injection vulnerability assessment of SoC designs at various levels of abstractions (e.g., layout, gate-level and RTL) while considering the design-specific security properties. Central to our assessment and mitigation framework is utilizing security properties as it drives identification of the most vulnerable locations in the SoC design to fault-injection attacks. Protecting these locations ensures no security properties would be violated. Hence, it enables applying local countermeasures that will be more effective with significantly low-overhead and cost. To accomplish this goal, we will convert the power and timing impact of fault-injection methods (we will consider non-invasive and semi-invasive fault-injection techniques such as laser probing, EM and clock glitching) to a formal mathematical models and metrics according to the properties and then build comprehensive fault models to measure the success rate of different fault-injection techniques. Inspired by models, we plan to design a set of sensors to implement a set of mitigation strategies based on retiming, using process variation, and physical placement to address the detected vulnerabilities with cost-performance-security trade-off in consideration.The proposed project will significantly reduce the risk of critical fault-injection attacks that break designed-in security mechanisms (e.g., authentication, authorization, privacy, confidentiality, and data integrity) of electronic systems. Therefore, this project will have a significant impact on securing DoD and mission-critical applications.

Document Details

Document Type

DoD Grant Award

Publication Date

Jan 12, 2023

Source ID

N000142312089

Entities

Tags