Self-Assertion-Based Countermeasures Within a RISC-V Microprocessor for Coverage of Information Leakage Faults

The execution behavior of a microprocessor (\mu {P}) in the presence of a fault is difficult to predict because of the complex interactions across pipeline stages and between functional units within the architecture. In prior work, we have observed that fault effects do not introduce any type of anomaly in the input-output behavior for 10s of thousands to millions of clock cycles. These characteristics increase the difficulty of evaluating \mu {P} architectures for resilience to information leakage events, i.e., scenarios where a fault causes sensitive data, such as an encryption key, to be inadvertently diverted to a primary output channel. In this article, we use an accelerated fault emulation platform implemented on a Xilinx ZCU102 board to evaluate an ASIC implementation of the Potato RISC-V \mu {P} for information leakage events as faults from several different classes are introduced. The effectiveness and latency associated with a set of self-assertion-based countermeasures (SABCs), that perform simple consistency checks on instructions and datapath values, are investigated. The countermeasures are characterized as dynamic verification (or as a continuous symptom monitor) because detection occurs during program execution. The detection and latency results of the SABCs are compared against a periodic counter-based countermeasure proposed in previous work.