We’ve all heard about micro-architectural vulnerabilities, Meltdown, Spectre, and Foreshadow. Volumes have been written about them in the trade and popular press. Indeed, they are the top villains of the electronics world.
Meanwhile, academicians and scholars are closely investigating yet another group of bad actors that – like those vulnerabilities – are up to no good and are also attacking electronics systems. These are fault injection attacks or FIAs.
Bart Stevens, Sr. Director, Product Management for the Cryptography Product Group, recently wrote a piece for eeweb.com/EE Times network to explain to SoC and system designers what FIAs are all about and how best to skirt them in their next generation designs.
Simply put, he says, the whole idea of an FIA is to make silicon do something else besides what it’s intended to. The attackers objective is to create a transient fault during the execution of some particular chip operation or lead to the reduction or disabling of security features and countermeasures.
Two examples Stevens writes about are voltage and clock glitching. In the first one, he says the attacker increases voltage or creates a fake glitch in the system. As for clock glitching, he says one or more short pulses in the external clock are introduced to temporarily accelerate the chip’s clock.
Stevens tells eeweb.com/EE Times network readers that embedded security establishes the barriers to guard against FIAs and chip vulnerabilities.
“Certain key countermeasures like those in Rambus’ Root-of-Trust core are critical to assure the SoC and system designer an attacker is completely deprived of any attack avenue. Those countermeasures include items such as critical control signal redundancy, canary logic, separated key bus logic and logic to protect cryptographic algorithm implementations,” Stevens asserts.
Check out Rambus’ DPA Workstation (DPAWS) that’s available with Riscure fault injection products offering complete fault injection functionality and differential fault analysis (DFA).