Award Abstract # 1441710
SaTC: STARSS: FAME: Fault-attack Awareness using Microprocessor Enhancements

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: VIRGINIA POLYTECHNIC INSTITUTE & STATE UNIVERSITY
Initial Amendment Date: September 8, 2014
Latest Amendment Date: September 8, 2014
Award Number: 1441710
Award Instrument: Standard Grant
Program Manager: Sandip Kundu
CNS  Division Of Computer and Network Systems
CSE  Directorate for Computer and Information Science and Engineering
Start Date: October 1, 2014
End Date: September 30, 2018 (Estimated)
Total Intended Award Amount: $307,000.00
Total Awarded Amount to Date: $307,000.00
Funds Obligated to Date: FY 2014 = $307,000.00
History of Investigator:
  • Patrick Schaumont (Principal Investigator)
     pschaumont@wpi.edu
  • Leyla Nazhandali (Co-Principal Investigator)
Recipient Sponsored Research Office: Virginia Polytechnic Institute and State University
 300 TURNER ST NW
 BLACKSBURG
 VA  US  24060-3359
(540)231-5281
Sponsor Congressional District: 09
Primary Place of Performance: Virginia Polytechnic Institute and State University
 Durham Hall
 Blacksburg
 VA  US  24061-0001
Primary Place of Performance
Congressional District:		 09
Unique Entity Identifier (UEI): QDE5UHE5XD16
Parent UEI: X6KEFGLHSJX7
NSF Program(s): Secure &Trustworthy Cyberspace
Primary Program Source: 01001415DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 7434, 8225
Program Element Code(s): 806000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

With the tremendous growth of sensitive and security-critical processing on embedded and pervasive platforms, the threat model for secure electronics is expanding from software into hardware. A wide range of fault attacks, based on physical manipulation of the electronics operating environment, is now available to the adversary.

The major outcome of this project is FAME, a collection of hardware techniques for microprocessor architectures to detect these fault injection attacks, and to mitigate fault analysis through an appropriate response in software. The FAME processor is developed both as an architecture concept as well as a chip prototype.

The FAME processor uses fault countermeasures that combine fault detection in microprocessor hardware with fault response in the software application. The fault detection in hardware uses static (design-time) and dynamic (runtime) techniques for in-situ fault detection. These fault-detecting hardware extensions are optimized for power and cost, and they can be enabled from the software application. This flexibility allows FAME to support non-critical applications at full microprocessor performance, while still offering full fault countermeasures for security-critical applications. The FAME processor chip demonstrates these techniques, as well as novel forms of fault analysis that are investigated in tandem with the development of FAME.

The impacts of this project are safer, more trustworthy microprocessors that are aware of their physical environment and the threats it poses to their internal processing. Such microprocessors offer the basis for cyber-security applications that can handle both logical as well as physical threats.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Note:  When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

(Showing: 1 - 10 of 11)
B. Yuce, C. Deshpande, M. Ghodrati, A. Bendre, L. Nazhandali, P. Schaumont "A Secure Exception Mode for Fault-Attack-Resistant Processing" IEEE Transactions on Dependable and Secure Computing , 2018 10.1109/TDSC.2018.2823767
B. Yuce, N. Farhady Ghalaty, H. Santapuri, C. Deshpande, C. Patrick, P. Schaumont "Software Fault Resistance is Futile: Effective Single-glitch Attacks" Fault Diagnosis and Tolerance in Cryptography (FDTC 2016) , 2016 10.1109/FDTC.2016.21
B. Yuce, N. Farhady Ghalaty, P. Schaumont "Improving Fault Attacks on Embedded Software using RISC Pipeline Characterization" Fault Diagnosis and Tolerance in Cryptography (FTDC 2015) , 2015 10.1109/FDTC.2015.16
B. Yuce, N. F. Ghalaty, C. Deshpande, H. Santapuri, C. Patrick, L. Nazhandali, P. Schaumont "Analyzing the Fault Injection Sensitivity of Embedded Software" ACM Transactions on Embedded Computing Systems , v.16 , 2017 10.1145/3063311
B. Yuce, N. F. Ghalaty, C. Deshpande, H. Santapuri, C. Patrick, P. Schaumont "Analyzing the Fault Injection Sensitivity of Secure Embedded Software" IEEE Embedded Systems Letters , v.8 , 2016 10.1109/LES.2016.2524652
B. Yuce, P. Schaumont, M. Witteman "Fault Attacks on Secure Embedded Software: Threats, Design, Evaluation" Springer Journal of Hardware and Systems Security , 2018 10.1007/s41635-018-0038-1
C. Deshpande, B. Yuce, N. F. Ghalaty, D. Ganta, P. Schaumont, L. Nazhandali "A Configurable and Lightweight Timing Monitor for Fault Attack Detection" IEEE Computer Society Annual Symposium on VLSI , 2016 10.1109/ISVLSI.2016.123
C. Patrick, B. Yuce, N. Farhady Ghalaty, P. Schaumont "Lightweight Fault Attack Resistance in Software Using Intra-Instruction Redundancy" Selected Areas in Cryptography (SAC 2016) , 2016
H. Rawat, P. Schaumont "Vector Instruction Set Extensions for Efficient Computation of KECCAK" IEEE Transactions on Computers , 2017 10.1109/TC.2017.2700795
M. Ghodrati, S. Gujar, B. Yuce, P. Schaumont, L. Nazhandali "Inducing Local Timing Fault through EM Injection" Proc. Design Automation Conference (DAC18), San Francisco, CA , 2018 10.1145/3195970.3196064
N. Farhady Ghalaty, B. Yuce, P. Schaumont "Analyzing the Efficiency of Biased-Fault Attacks" IEEE Embedded Systems Letters , v.8 , 2015 , p.33 10.1109/LES.2016.2524652
(Showing: 1 - 10 of 11)

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

When software runs on a microprocessor, the software programmer implicitly assumes that the processor will execute every instruction correctly, precisely as it was written by the programmer.
In this project, we investigate fault attacks. A hacker can change the meaning of software instructions by introducing deliberate faults into the microprocessor. The hacker injects faults through manipulation of the microprocessor hardware environment, such by manipulating the power supply or the microprocessor clock. Such a hardware hacker hence uses defects of the hardware execution to introduce defects in software. The scenario of the hardware hacker is real and credible: it has been demonstrated to affect a broad range of computers. Furthermore, novel applications in the area of Cyber-Physical Systems and Internet of Things imply that the microprocessor hardware is often within easy reach of hackers, and that fault injection attacks a realistic threat.
The project has two main activities. First, we investigate the difficulty of performing these fault injection attacks on software. We use a simulation of a microprocessor, as well as a microprocessor prototype implementation. Second, we investigate how the microprocessor can be improved such that it can detect fault injection attacks, and respond to it. We use sensors that detect fault injection as it happens, and that alert the software of the security emergency.
The challenge of fault injection attacks on software is that it is hard to predict the effect of fault injection on the execution of software. Our work develops an attack called Differential Fault Intensity Analysis. It takes away the biggest factor of uncertainty in conduction fault injection, namely the requirement to understand the exact nature of the fault. We demonstrate DFIA on multiple hardware and software targets, including cryptographic software and system software.
We also develop two chips, FAME1 and FAME2, which demonstrate countermeasures against fault injection attacks. The chips have fault injection sensors that detect various methods of fault injection using electromagnetic pulses and power supply pulses. We demonstrate the operation of these chips and their correct response to fault injection.
This project supports the graduate research project of 2 PhD level students and 3 Master level students. The project results are written up in 4 Journal level papers, 10 Conference level papers and one Book Chapter. The FAME1 design won the Best Hardware Demo Award at the 2017 IEEE Hardware Oriented Security and Trust Symposium.


Last Modified: 10/30/2018
Modified by: Patrick Schaumont

Images (1 of 3)

Please report errors in award information by writing to: awardsearch@nsf.gov.

Print this page

Back to Top of page

Top