Fault injection as an attack vector against trustworthy embedded systems
In the Internet of Things, the cyber-world will use a huge number of small embedded computing elements to control and sense the real world. The integrity and trustworthiness of these embedded systems are crucial; their manipulation has direct consequences for the safety of the applications they support. In this presentation we discuss the threat vector of implementation attacks on these embedded systems. We assume an adversary who can disturb the operation of such embedded systems by means of fault injection: the deliberate insertion of a computation error or memory error. This attack vector is realistic when the embedded computing elements are subject to physical manipulation by an adversary. Fault injection works by pushing the embedded system outside of its nominal operating limits, which can be achieved by many different techniques. We review the principles of fault injection, and highlight its use as a versatile hacking tool to obtain device control and to extract secret data. The traditional technique, differential fault analysis, dates back almost two decades, and many very effective variants have since been proposed. Most recently, biased-fault attacks have been developed which are able to use fault-response behavior as a side-channel signal. We review these biased-fault attacks and explain why they are a threat to contemporary embedded designs. Finally, we show that biased-fault attacks apply equally well to software. We conclude that a fault attack can be engineered by an adversary to obtain a precise result.