Towards Fine-grained Side-Channel Instruction Disassembly on a System-on-Chip

Julien Maillard, Thomas Hiscock, Maxime Lecomte, Christophe Clavier
DOI: 10.1109/DSD57027.2022.00069
Venue: 2022 25th Euromicro Conference on Digital System Design (DSD)
Published: 2022-08-01
Citations: 1

Abstract

Side-channel based instruction disassembly (SCBD) is a family of side-channel attacks that aims at recovering the code executed by a device from physical measurements. Over the past decades, research has proved that instruction-level disassembly is feasible on simple controllers. Simultaneously, the computing power and architectural complexity of processors are increasing, even in constrained devices. Performing side-channel attacks on mid- or high-end devices is inherently harder because of complex concurrent activities and a large amount of noise. While broad pattern identification, such as recognizing cryptographic primitives, has been shown to be possible, the feasibility of precise SCBD remains an open question on a complex System-on-Chip (SoC). In this work, we address some of the technical challenges involved in performing SCBD on SoCs. We propose an experimental setup and measurement methodology that enables reliable characterization of instruction-level electromagnetic (EM) leakage. We study the feasibility of three code reconstruction granularities: functional unit recognition, opcode recognition and full instruction recovery. Under a controlled experimental environment, our results show that functional unit recognition is achievable (100% classification accuracy), as is opcode recognition (with evidence of leakage). In our setup, full instruction recovery (i.e., recovering the bit-level encoding) turned out to be more challenging. We show that the classification accuracy on instruction bits is better than random guessing and can be improved by combining multiple EM probe positions, but it is not high enough to foresee an attack in a real environment.