Projects per year
Abstract
Fault injection (FI) is a powerful attack methodology allowing an adversary to entirely break the security of a target device. As finite-state machines (FSMs) are fundamental hardware building blocks responsible for controlling systems, inducing faults into these controllers enables an adversary to hijack the execution of the integrated circuit. A common defense strategy mitigating these attacks is to manually instantiate FSMs multiple times and detect faults using a majority voting logic. However, as each additional FSM instance only provides security against one additional induced fault, this approach scales poorly in a multi-fault attack scenario.
In this paper, we present SCFI: a strong, probabilistic FSM protection mechanism ensuring that control-flow deviations from the intended control-flow are detected even in the presence of multiple faults. At its core, SCFI consists of a hardened next-state function absorbing the execution history as well as the FSM’s control signals to derive the next state. When either the absorbed inputs, the state registers, or the function itself are affected by faults, SCFI triggers an error with no detection latency.
We integrate SCFI into a synthesis tool capable of automatically hardening arbitrary unprotected FSMs without user interaction and open-source the tool. Our evaluation shows that SCFI provides strong protection guarantees with a better area-time product than FSMs protected using classical redundancy-based approaches.
Finally, we formally verify the resilience of the protected state machines using a pre-silicon fault analysis tool.
In this paper, we present SCFI: a strong, probabilistic FSM protection mechanism ensuring that control-flow deviations from the intended control-flow are detected even in the presence of multiple faults. At its core, SCFI consists of a hardened next-state function absorbing the execution history as well as the FSM’s control signals to derive the next state. When either the absorbed inputs, the state registers, or the function itself are affected by faults, SCFI triggers an error with no detection latency.
We integrate SCFI into a synthesis tool capable of automatically hardening arbitrary unprotected FSMs without user interaction and open-source the tool. Our evaluation shows that SCFI provides strong protection guarantees with a better area-time product than FSMs protected using classical redundancy-based approaches.
Finally, we formally verify the resilience of the protected state machines using a pre-silicon fault analysis tool.
Original language | English |
---|---|
Title of host publication | 2023 Design, Automation and Test in Europe Conference and Exhibition, DATE 2023 - Proceedings |
Number of pages | 6 |
ISBN (Electronic) | 9783981926378 |
DOIs | |
Publication status | Published - 2023 |
Event | Design, Automation & Test in Europe Conference & Exhibition: DATE 2023 - Antwerp, Belgium Duration: 17 Apr 2023 → 19 Apr 2023 |
Publication series
Name | Proceedings -Design, Automation and Test in Europe, DATE |
---|---|
Volume | 2023-April |
ISSN (Print) | 1530-1591 |
Conference
Conference | Design, Automation & Test in Europe Conference & Exhibition |
---|---|
Abbreviated title | DATE '23 |
Country/Territory | Belgium |
City | Antwerp |
Period | 17/04/23 → 19/04/23 |
Keywords
- Control-Flow Integrity
- Fault Attacks
- Finite-State Machines
ASJC Scopus subject areas
- General Engineering
Fingerprint
Dive into the research topics of 'SCFI: State Machine Control-Flow Hardening Against Fault Attacks'. Together they form a unique fingerprint.Projects
- 1 Active
-
AWARE - Hardware-Ensured Software Security
Mangard, S. (Co-Investigator (CoI))
1/05/22 → 30/04/25
Project: Research project