SYNFI: Pre-Silicon Fault Analysis of an Open-Source Secure Element
نویسندگان
چکیده
Fault attacks are active, physical that an adversary can leverage to alter the control-flow of embedded devices gain access sensitive information or bypass protection mechanisms. Due severity these attacks, manufacturers deploy hardware-based fault defenses into security-critical systems, such as secure elements. The development countermeasures is a challenging task due complex interplay circuit components and because contemporary design automation tools tend optimize inserted structures away, thereby defeating their purpose. Hence, it critical rigorously verified post-synthesis. Since classical functional verification techniques fall short assessing effectiveness (due being analyzed when no faults present), developers have resort methods capable injecting in simulation testbench chip sample. However, developing test sequences inject error-prone performing on requires specialized equipment incredibly time-consuming. Moreover, identifying fault-vulnerable hard both approaches, fixing potential flaws post-silicon usually infeasible since would require another tape-out. To end, this paper introduces SYNFI, formal pre-silicon framework operates synthesized netlists. SYNFI be used analyze general effect input-output relationship its countermeasures, thus enables hardware designers assess verify systematic semi-automatic way. automatically extracts parts circuit, induces extracted subcircuit, analyzes faults’ effects using methods. demonstrate handling unmodified, industry-grade netlists with commercial open tools, we OpenTitan, first opensource element. In our analysis, identified security weaknesses unprotected AES block, developed targeted reassessed security, contributed back OpenTitan project. For other fault-hardened IP, life cycle controller, confirm existing provide adequate protection.
منابع مشابه
Bear: An Open-Source Virtual Secure Coprocessor based on TCPA
This paper reports on our ongoing project to use TCPA to transform a desktop Linux machine into a virtual secure coprocessor: more powerful but less secure than higher-end devices. We use TCPA hardware and modified boot loaders to protect fairly static components, such as a trusted kernel; we use an enforcer module—configured as Linux Security Module—to protected more dynamic system components;...
متن کاملan infinite planar array of rectangular microstrip patch antenna analysis
the methods which are used to analyze microstrip antennas, are divited into three categories: empirical methods, semi-empirical methods and full-wave analysis. empirical and semi-empirical methods are generally based on some fundamental simplifying assumptions about quality of surface current distribution and substrate thickness. thses simplificatioms cause low accuracy in field evaluation. ful...
15 صفحه اولNektar++: An open-source spectral/hp element framework
Nektar++ is an open-source software framework designed to support the development of highperformance scalable solvers for partial differential equations using the spectral/hp element method. High-order methods are gaining prominence in several engineering and biomedical applications due to their improved accuracy over low-order techniques at reduced computational cost for a given number of degr...
متن کاملDesigning Secure Systems Based on Open Architectures with Open Source and Closed Source Components
The development and evolution of secure open architecture systems has received insufficient consideration. Such systems are composed of both open source and closed software software components subject to different security requirements in an architecture in which evolution can occur by evolving existing components, replacing them, or refactoring their interfaces, interconnections and configurat...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IACR transactions on cryptographic hardware and embedded systems
سال: 2022
ISSN: ['2569-2925']
DOI: https://doi.org/10.46586/tches.v2022.i4.56-87