MAFIA: Protecting the Microarchitecture of Embedded Systems Against Fault Injection Attacks

Fault injection attacks represent an effective threat to embedded systems. Recently, Laurent et al. have reported that fault injection attacks can leverage faults inside the microarchitecture. However, state-of-the-art counter-measures, hardware-only or with hardware support, do not consider the inte...

Bibliographic details
Published in: IEEE transactions on computer-aided design of integrated circuits and systems 2023-12, Vol.42 (12), p.1-1
Main authors: Chamelot, Thomas, Courousse, Damien, Heydemann, Karine
Format: Article
Language: eng
Keywords:
container_end_page 1
container_issue 12
container_start_page 1
container_title IEEE transactions on computer-aided design of integrated circuits and systems
container_volume 42
creator Chamelot, Thomas
Courousse, Damien
Heydemann, Karine
description Fault injection attacks represent an effective threat to embedded systems. Recently, Laurent et al. have reported that fault injection attacks can leverage faults inside the microarchitecture. However, state-of-the-art counter-measures, hardware-only or with hardware support, do not consider the integrity of microarchitecture control signals that are the target of these faults. We present MAFIA, a microarchitecture protection against fault injection attacks. MAFIA ensures integrity of pipeline control signals through a signature-based mechanism, and ensures fine-grained control-flow integrity with a complete indirect branch support and code authenticity. We analyse the security properties of two different implementations with different security/overhead trade-offs: one with a CBC-MAC/Prince signature function, and another one with a CRC32. We present our implementation of MAFIA in a RISC-V processor, supported by a dedicated compiler toolchain based on LLVM/Clang. We report a hardware area overhead of 23.8% and 6.5% for the CBC-MAC/Prince and CRC32 respectively. The average code size and execution time overheads are 29.4% and 18.4% respectively for the CRC32 implementation and are 50% and 39% for the CBC-MAC/Prince.
doi_str_mv 10.1109/TCAD.2023.3276507
format Article
eissn 1937-4151
coden ITCSDI
publisher New York: IEEE
date 2023-12-01
rights Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023
Distributed under a Creative Commons Attribution 4.0 International License
toplevel peer_reviewed
oa free_for_read
orcid https://orcid.org/0000-0003-2761-3627
https://orcid.org/0000-0003-2092-924X
https://orcid.org/0000-0001-7037-6407
linktohtml https://ieeexplore.ieee.org/document/10124740
backlink https://cea.hal.science/cea-04099414 (View record in HAL)
fulltext fulltext_linktorsrc
identifier ISSN: 0278-0070
ispartof IEEE transactions on computer-aided design of integrated circuits and systems, 2023-12, Vol.42 (12), p.1-1
issn 0278-0070
1937-4151
language eng
recordid cdi_ieee_primary_10124740
source IEEE Electronic Library (IEL)
subjects Circuit faults
code authenticity
code integrity
Codes
Computer Science
control logic
control-flow integrity
control-signal integrity
counter-measures
Cryptography and Security
Embedded systems
fault injection attacks
Hardware
Hardware Architecture
Integrity
Microarchitecture
Microprocessors
Pipelines
Process control
RISC
Security
System effectiveness
title MAFIA: Protecting the Microarchitecture of Embedded Systems Against Fault Injection Attacks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-13T03%3A43%3A18IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=MAFIA:%20Protecting%20the%20Microarchitecture%20of%20Embedded%20Systems%20Against%20Fault%20Injection%20Attacks&rft.jtitle=IEEE%20transactions%20on%20computer-aided%20design%20of%20integrated%20circuits%20and%20systems&rft.au=Chamelot,%20Thomas&rft.date=2023-12-01&rft.volume=42&rft.issue=12&rft.spage=1&rft.epage=1&rft.pages=1-1&rft.issn=0278-0070&rft.eissn=1937-4151&rft.coden=ITCSDI&rft_id=info:doi/10.1109/TCAD.2023.3276507&rft_dat=%3Cproquest_RIE%3E2892374488%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2892374488&rft_id=info:pmid/&rft_ieee_id=10124740&rfr_iscdi=true