使用跟踪验证解决方案在RISC-V核心上进行实验性EMFI检测

IF 1.9 4区计算机科学 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Microprocessors and Microsystems Pub Date : 2023-11-01 DOI:10.1016/j.micpro.2023.104968

Anthony Zgheib, Olivier Potin, Jean-Baptiste Rigaud, Jean-Max Dutertre

{"title":"使用跟踪验证解决方案在RISC-V核心上进行实验性EMFI检测","authors":"Anthony Zgheib, Olivier Potin, Jean-Baptiste Rigaud, Jean-Max Dutertre","doi":"10.1016/j.micpro.2023.104968","DOIUrl":null,"url":null,"abstract":"<div><p>Physical attacks are powerful threats that can cause changes in the execution behavior of a program. Control-Flow Integrity (CFI) is used to check the program’s flow execution, ensuring that it remains unaltered by these attacks. The RISC-V Trace Encoder (TE) provides valuable information about the user program’s execution path, and is used as part of a CFI solution. An enhanced version of the TE specifications permits detecting intricate fault models such as the corruption of any discontinuity instruction, using an additional Trace Verifier (TV) hardware module. In this paper, we present a buffer overflow software attack simulation and experimental ElectroMagnetic Fault Injection (EMFI) attacks conducted on an Field Programmable Gate Array (FPGA) board that implements a RISC-V core linked to the enhanced TE and TV modules. Unlike existing CFI solutions, our proposed approach does not require modifications to the RISC-V compiler, user application code or the RISC-V core. The average overhead of our solution in terms of hardware area, memory and power consumption are equal to 13.6%, 3.5% and 9% respectively.</p></div>","PeriodicalId":49815,"journal":{"name":"Microprocessors and Microsystems","volume":"103 ","pages":"Article 104968"},"PeriodicalIF":1.9000,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Experimental EMFI detection on a RISC-V core using the Trace Verifier solution\",\"authors\":\"Anthony Zgheib, Olivier Potin, Jean-Baptiste Rigaud, Jean-Max Dutertre\",\"doi\":\"10.1016/j.micpro.2023.104968\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Physical attacks are powerful threats that can cause changes in the execution behavior of a program. Control-Flow Integrity (CFI) is used to check the program’s flow execution, ensuring that it remains unaltered by these attacks. The RISC-V Trace Encoder (TE) provides valuable information about the user program’s execution path, and is used as part of a CFI solution. An enhanced version of the TE specifications permits detecting intricate fault models such as the corruption of any discontinuity instruction, using an additional Trace Verifier (TV) hardware module. In this paper, we present a buffer overflow software attack simulation and experimental ElectroMagnetic Fault Injection (EMFI) attacks conducted on an Field Programmable Gate Array (FPGA) board that implements a RISC-V core linked to the enhanced TE and TV modules. Unlike existing CFI solutions, our proposed approach does not require modifications to the RISC-V compiler, user application code or the RISC-V core. The average overhead of our solution in terms of hardware area, memory and power consumption are equal to 13.6%, 3.5% and 9% respectively.</p></div>\",\"PeriodicalId\":49815,\"journal\":{\"name\":\"Microprocessors and Microsystems\",\"volume\":\"103 \",\"pages\":\"Article 104968\"},\"PeriodicalIF\":1.9000,\"publicationDate\":\"2023-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Microprocessors and Microsystems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0141933123002120\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Microprocessors and Microsystems","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0141933123002120","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

物理攻击是一种强大的威胁，可以导致程序的执行行为发生变化。控制流完整性(CFI)用于检查程序的流执行，确保它不受这些攻击的影响。RISC-V跟踪编码器(TE)提供有关用户程序执行路径的宝贵信息，并作为CFI解决方案的一部分使用。TE规范的增强版本允许检测复杂的故障模型，例如使用额外的跟踪验证器(TV)硬件模块检测任何不连续指令的损坏。在本文中，我们提出了一种缓冲溢出软件攻击仿真和实验性电磁故障注入(EMFI)攻击，该攻击在现场可编程门阵列(FPGA)板上进行，该板实现了与增强型TE和TV模块相连的RISC-V核心。与现有的CFI解决方案不同，我们提出的方法不需要修改RISC-V编译器、用户应用程序代码或RISC-V核心。我们的解决方案在硬件面积、内存和功耗方面的平均开销分别为13.6%、3.5%和9%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Experimental EMFI detection on a RISC-V core using the Trace Verifier solution

Physical attacks are powerful threats that can cause changes in the execution behavior of a program. Control-Flow Integrity (CFI) is used to check the program’s flow execution, ensuring that it remains unaltered by these attacks. The RISC-V Trace Encoder (TE) provides valuable information about the user program’s execution path, and is used as part of a CFI solution. An enhanced version of the TE specifications permits detecting intricate fault models such as the corruption of any discontinuity instruction, using an additional Trace Verifier (TV) hardware module. In this paper, we present a buffer overflow software attack simulation and experimental ElectroMagnetic Fault Injection (EMFI) attacks conducted on an Field Programmable Gate Array (FPGA) board that implements a RISC-V core linked to the enhanced TE and TV modules. Unlike existing CFI solutions, our proposed approach does not require modifications to the RISC-V compiler, user application code or the RISC-V core. The average overhead of our solution in terms of hardware area, memory and power consumption are equal to 13.6%, 3.5% and 9% respectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Microprocessors and Microsystems 工程技术-工程：电子与电气

CiteScore

6.90

自引率

3.80%

发文量

204

审稿时长

172 days

期刊介绍： Microprocessors and Microsystems: Embedded Hardware Design (MICPRO) is a journal covering all design and architectural aspects related to embedded systems hardware. This includes different embedded system hardware platforms ranging from custom hardware via reconfigurable systems and application specific processors to general purpose embedded processors. Special emphasis is put on novel complex embedded architectures, such as systems on chip (SoC), systems on a programmable/reconfigurable chip (SoPC) and multi-processor systems on a chip (MPSoC), as well as, their memory and communication methods and structures, such as network-on-chip (NoC). Design automation of such systems including methodologies, techniques, flows and tools for their design, as well as, novel designs of hardware components fall within the scope of this journal. Novel cyber-physical applications that use embedded systems are also central in this journal. While software is not in the main focus of this journal, methods of hardware/software co-design, as well as, application restructuring and mapping to embedded hardware platforms, that consider interplay between software and hardware components with emphasis on hardware, are also in the journal scope.