protecting the control flow of embedded processors
play

Protecting the Control Flow of Embedded Processors against Fault - PowerPoint PPT Presentation

Dec 09, 2023 •230 likes •552 views

W I S S E N T E C H N I K L E I D E N S C H A F T Protecting the Control Flow of Embedded Processors against Fault Attacks Mario Werner 1 , Erich Wenger 2 , and Stefan Mangard 1 , 1 Graz University of Technology 2 Infineon

  1. W I S S E N T E C H N I K L E I D E N S C H A F T Protecting the Control Flow of Embedded Processors against Fault Attacks Mario Werner 1 , Erich Wenger 2 , and Stefan Mangard 1 , 1 Graz University of Technology 2 Infineon Technologies AG, Munich 5th November 2015, Bochum www.iaik.tugraz.at

  2. www.iaik.tugraz.at Context and Motivation Embedded systems are everywhere Assets in malicious environment Memory Processor Crypto System Various assets Protecting cryptographic primitives is insufficient Werner, Wenger, Mangard, 2 5th November 2015, Bochum

  3. www.iaik.tugraz.at Do we really care about the Processor? unsigned pin = read_pin(); bool auth = tpm_check(pin); if( auth ) { open_door(); } else { alert_police(); } log_event(); read_pin() tpm_check(pin) check if auth == true open_door() alert_police() log_event() Werner, Wenger, Mangard, 3 5th November 2015, Bochum

  4. www.iaik.tugraz.at Do we really care about the Processor? unsigned pin = read_pin(); bool auth = tpm_check(pin); if( auth ) { open_door(); } else { alert_police(); } log_event(); check condition perform action handle error continue Werner, Wenger, Mangard, 3 5th November 2015, Bochum

  5. www.iaik.tugraz.at Do we really care about the Processor? check_auth: // auth in R0 (1 if true) LDR R1, #1 CMP R0, R1 BNE not_authenticated authenticated: // open door // ... B next not_authenticated: // alert police next: // log event Werner, Wenger, Mangard, 3 5th November 2015, Bochum

  6. www.iaik.tugraz.at Do we really care about the Processor? check_auth: // auth in R0 (1 if true) LDR R1, #1 CMP R0, R1 BEQ not_authenticated authenticated: // open door // ... B next not_authenticated: // alert police next: // log event Werner, Wenger, Mangard, 3 5th November 2015, Bochum

  7. www.iaik.tugraz.at Do we really care about the Processor? check_auth: // auth in R0 (1 if true) LDR R1, #1 CMP R0, R0 BNE not_authenticated authenticated: // open door // ... B next not_authenticated: // alert police next: // log event Werner, Wenger, Mangard, 3 5th November 2015, Bochum

  8. www.iaik.tugraz.at Do we really care about the Processor? check_auth: // auth in R0 (1 if true) LDR R1, #1 CMP R0, R1 BNE not_authenticated authenticated: // open door // ... B next not_authenticated: // alert police next: // log event Werner, Wenger, Mangard, 3 5th November 2015, Bochum

  9. www.iaik.tugraz.at Goal and Results Goal: Enforce control-flow integrity Results: Analysis and evaluation of signature functions Detect a faulty instruction with 99.9 % within 3 cycles (arbitrary fault) Resistant against at least 7 precise bit flips injected across two instructions HDL implementation for a Cortex-M3 clone LLVM based toolchain 6.4 % hardware overhead 2 % to 71 % runtime overhead Werner, Wenger, Mangard, 4 5th November 2015, Bochum

  10. www.iaik.tugraz.at Control-Flow Integrity Execute code as programmed Perform only intended function calls Traverse control flow graph along programmed edges Execute basic blocks from start to end Preserve instructions and their order read_pin check_pin main unlock_door alert_police log_event Werner, Wenger, Mangard, 5 5th November 2015, Bochum

  11. www.iaik.tugraz.at Control-Flow Integrity Execute code as programmed Perform only intended function calls Traverse control flow graph along programmed edges Execute basic blocks from start to end Preserve instructions and their order check auth open_door() alert_police() log_event() Werner, Wenger, Mangard, 5 5th November 2015, Bochum

  12. www.iaik.tugraz.at Control-Flow Integrity Execute code as programmed Perform only intended function calls Traverse control flow graph along programmed edges Execute basic blocks from start to end Preserve instructions and their order check auth open_door() alert_police() log_event() Werner, Wenger, Mangard, 5 5th November 2015, Bochum

  13. www.iaik.tugraz.at Control-Flow Integrity Execute code as programmed Perform only intended function calls Traverse control flow graph along programmed edges Execute basic blocks from start to end Preserve instructions and their order check_auth: // auth in R0 (1 if true) LDR R1, #1 CMP R0, R0 BNE not_authenticated Werner, Wenger, Mangard, 5 5th November 2015, Bochum

  14. www.iaik.tugraz.at Concept Instruction stream integrity through derived signatures [MM88] Generalized path signature analysis (GPSA) [WS90] Optimize against fault attacks Implemented as hybrid scheme Dedicated assertions Continuous checks Werner, Wenger, Mangard, 6 5th November 2015, Bochum

  15. www.iaik.tugraz.at Derived Signatures [MM88] R e s e t _ H a n d l e r 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 b 5 b 0 b 5 b 0 : p u s h { r 4 , r 5 , r 7 , l r } 0 x 0 0 0 1 6 4 b 2 a f 0 2 : a d d r 7 , s p , # 8 0 x 0 0 0 1 a c b f 4 8 0 d : l d r r 0 , [ p c , # 5 2 ] 0 x 0 0 0 1 f 5 c d 4 9 0 e : l d r r 1 , [ p c , # 5 6 ] 0 x 0 0 0 2 3 8 5 5 4 2 8 8 : c m p r 0 , r 1 0 x 0 0 0 3 0 a 6 2 d 2 0 d : b h s # 2 6 R e s e t _ H a n d l e r : 1 R e s e t _ H a n d l e r : 2 0 x 0 0 0 3 0 a 6 2 0 x 0 0 0 3 0 a 6 2 0 x 0 0 0 3 5 4 6 f 4 a 0 d : l d r r 2 , [ p c , # 5 2 ] 0 x 0 0 0 3 5 6 6 8 4 c 0 6 : l d r r 4 , [ p c , # 2 4 ] . . . . . . ??? Werner, Wenger, Mangard, 7 5th November 2015, Bochum

  16. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 ( i f ) / / . . . % 2 % 3 / / . . . / / . . . / / . . . % 4 / / . . . / / . . . Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  17. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 ( i f ) / / . . . % 2 % 3 / / . . . / / . . . update(sig1) / / . . . % 4 / / . . . / / . . . Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  18. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 ( i f ) / / . . . % 2 % 3 / / . . . / / . . . update(sig1) / / . . . % 4 / / . . . / / . . . check(sig2) Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  19. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 ( i f ) / / . . . % 2 % 3 / / . . . / / . . . update(sig1) / / . . . % 4 / / . . . / / . . . check(sig2) Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  20. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 / / . . . % 2 ( w h i l e ) / / . . . % 6 / / . . . % 3 ( i f ) r e t u r n / / . . . % 5 % 4 / / . . . / / . . . r e t u r n Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  21. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 / / . . . % 2 ( w h i l e ) / / . . . % 6 / / . . . % 3 ( i f ) r e t u r n / / . . . % 4 % 5 / / . . . / / . . . update(sig1) r e t u r n Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  22. www.iaik.tugraz.at Generalized Path Signature Analysis [WS90] % 1 / / . . . % 2 ( w h i l e ) / / . . . % 6 update(sig2) % 3 ( i f ) / / . . . / / . . . r e t u r n % 4 % 5 / / . . . / / . . . update(sig1) r e t u r n Werner, Wenger, Mangard, 8 5th November 2015, Bochum

  23. www.iaik.tugraz.at Signature Functions against Fault Attacks Compression function Avoid collisions within one cycle Qualitative Requirements for GPSA: Reliability: S j + 1 ⊕ ∆ S j + 1 = f ( S j , I j ⊕ ∆ I j ) Error preservation: S j + 1 ⊕ ∆ S j + 1 = f ( S j ⊕ ∆ S j , I j ) Non associativity: f ( f ( S j , I j ) , I k ) � = f ( f ( S j , I k ) , I j ) Invertibility: S j = f − 1 ( S j + 1 , I j ) → single faulty instructions detectable Werner, Wenger, Mangard, 9 5th November 2015, Bochum

  24. www.iaik.tugraz.at Quantitative Evaluation MISRs and CRCs with various polynomials How hard is it to bypass the protection? Quality function: q ( j , t ) = HW (∆ I j ) + HW (∆ I j + t ) Worst case behavior min ( q ) matters → CRCs are better than MISRs against faults → min ( q ) = 8 for CRC-32C and CRC-32Q Werner, Wenger, Mangard, 10 5th November 2015, Bochum

  25. www.iaik.tugraz.at Implementation Hardware: Monitor for derived signatures Extended fetch unit Software: Compiler for ... GPSA signature updates ... assertions Post-processing tool for ... update and check constants ... continuous signature monitoring (CSM) Werner, Wenger, Mangard, 11 5th November 2015, Bochum

  26. www.iaik.tugraz.at Hardware Modifications Cortex-M3 System Address Space Fetch Decode Execute RAM DataOut Fetched CodeIn Instructions Register File DataIn Controller Peripherals Reference Signature Signatures Monitor for CSM MUL/ ALU DIV Address signature Code Generation Addr. Fetch Unit Controller f u Address Werner, Wenger, Mangard, 12 5th November 2015, Bochum

  27. www.iaik.tugraz.at Evaluation Hardware: CPU Core: 37 kGE Monitor: 1.5 kGE (4 %) Monitor + Core with CSM: 39 kGE (6.4 %) Benchmarks: Modified vs stock LLVM Coremark AES-256 Elliptic Curve Cryptography in C and with ASM Werner, Wenger, Mangard, 13 5th November 2015, Bochum

Recommend

Dominant Species Embedded Information Technology Embedded = most processors! Systems 300

Dominant Species Embedded Information Technology Embedded = most processors! Systems 300

Dominant Species Embedded Information Technology Embedded = most processors! Systems 300 million PC and server Jakob Engblom 9000 million embedded Adj. Lektor, IT-inst Business Development Manager, Virtutech

559 views • 10 slides
Protecting Dynamic Code by Modular Control-Flow Integrity Gang Tan Department of CSE, Penn State

Protecting Dynamic Code by Modular Control-Flow Integrity Gang Tan Department of CSE, Penn State

Protecting Dynamic Code by Modular Control-Flow Integrity Gang Tan Department of CSE, Penn State Univ. At International Workshop on Modularity Across the System Stack (MASS) Mar 14 th , 2016, Malaga, Spain Cyber Insecurity 2 Blame the

804 views • 54 slides
The Emerging Power Crisis in Embedded The Emerging Power Crisis in Embedded Processors What Can a

The Emerging Power Crisis in Embedded The Emerging Power Crisis in Embedded Processors What Can a

The Emerging Power Crisis in Embedded The Emerging Power Crisis in Embedded Processors What Can a (Poor) Compiler Do ? Processors What Can a (Poor) Compiler Do ? Weng-Fai Wong National University of Singapore Collaborators L.N. Chakrapani

377 views • 24 slides
Automated combination of tolerance and control flow integrity countermeasures against multiple

Automated combination of tolerance and control flow integrity countermeasures against multiple

Automated combination of tolerance and control flow integrity countermeasures against multiple fault attacks on embedded systems Thierno Barry PhD Candidate in security of Embedded Systems at CEA ( the French Atomic Energy Commission )

681 views • 18 slides
1 What is it Really? ARM Chips ARM Chips ARM Chips ARM Chips Typically an Embedded

1 What is it Really? ARM Chips ARM Chips ARM Chips ARM Chips Typically an Embedded

Overview Embedded Processors Why? Design Criteria Introduction to E mbedded Processors Architectural Options Example Architecture: ARM Instruction Set Architecture CSE 291E / EE260C ARM7 Spring 2002 ARM9

315 views • 7 slides
Embedded Processors Overview Design features Design features AMBA Bus AMBA Bus System

Embedded Processors Overview Design features Design features AMBA Bus AMBA Bus System

Advanced Digital IC Design Contents Embedded Processors Embedded Processors Overview Design features Design features AMBA Bus AMBA Bus System Why AMBA Dalia Iurascu AMBA AHB, APB Structure Alejandro Vzquez Bofill

386 views • 10 slides
1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

Control-Flow Analysis and Loop Detection Context Last time Data-flow Speeding up data-flow analysis Flow of data values from defs to uses Could alternatively be represented as a data dependence Today Control-flow analysis

516 views • 5 slides
Embedded PC The modular Industrial PC for mid-range control Embedded PC 1 Embedded OS

Embedded PC The modular Industrial PC for mid-range control Embedded PC 1 Embedded OS

Embedded PC The modular Industrial PC for mid-range control Embedded PC 1 Embedded OS Operating Systems Major differences Details XPE / CE Embedded PC 2 The Windows Embedded OS family The modular, real The modular, real- -time

611 views • 22 slides
Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification

Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification

Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification and overview of main techniques TCP Tahoe, Reno, Vegas TCP Westwood Readings: (1) Keshavs book Chapter on Flow Control; (2)

374 views • 22 slides
1 Introduction to ES Architectures Components and Systems Embedded System Architectures

1 Introduction to ES Architectures Components and Systems Embedded System Architectures

Lectures 5 & 6 Overview Processors and Architectures General Purpose vs. Application Specific for Embedded Systems Processors General Purpose Core (IP)-based design vs. Application Specific Processors Reconfigurable Systems

362 views • 5 slides
Control flow Conditionals and Control Flow l A conditional branch

Control flow Conditionals and Control Flow l A conditional branch

10/2/15 Control flow Conditionals and Control Flow l A conditional branch is sufficient to implement most control Condition codes flow constructs offered in higher

356 views • 12 slides
1 Why Why flow flow control? control? sender

1 Why Why flow flow control? control? sender

Lecture 7. Lecture 7. TCP mechanisms for: TCP mechanisms for: data transfer control / flow control error control congestion control Graphical examples (applet java) of several algorithms at:

589 views • 13 slides
Flow of Control Flow of Control Recitation 09/(11,12)/2008 CS 180 CS 180 Department of

Flow of Control Flow of Control Recitation 09/(11,12)/2008 CS 180 CS 180 Department of

Flow of Control Flow of Control Recitation 09/(11,12)/2008 CS 180 CS 180 Department of Computer Science, Purdue University Project 2 j Now posted on the class webpage. Due Wed, Sept. 17 at 10 pm. Start early All

663 views • 22 slides
Concurrency and Scheduling Analysis of Real-time Embedded Software on Multi-core Processors

Concurrency and Scheduling Analysis of Real-time Embedded Software on Multi-core Processors

Concurrency and Scheduling Analysis of Real-time Embedded Software on Multi-core Processors Yann-Hang Lee Young Song Duo Lu CONFIDENTIAL Center for Embedded Systems | An NSF Industry/University Cooperative Research Center Project Overview and

276 views • 5 slides
Retargetable Compilers System on Chip Many different types of DSPs and embedded processors

Retargetable Compilers System on Chip Many different types of DSPs and embedded processors

Introduction Retargetable Compilers System on Chip Many different types of DSPs and embedded processors Daniel Karlsson ASIPs (replace by latest general purpose processor?) danka@ida.liu.se no compromise, high speed, low cost,

437 views • 9 slides
Programming in C 1 Flow of Control Flow of control The order in which statements are

Programming in C 1 Flow of Control Flow of control The order in which statements are

Programming in C 1 Flow of Control Flow of control The order in which statements are executed Transfer of control When the next statement executed is not the next one in sequence 2 Flow of Control Control structures

540 views • 34 slides
V3 1/3/2015 Programming in C 1 Flow of Control Flow of control The order in which

V3 1/3/2015 Programming in C 1 Flow of Control Flow of control The order in which

V3 1/3/2015 Programming in C 1 Flow of Control Flow of control The order in which statements are executed Transfer of control When the next statement executed is not the next one in sequence 2 Flow of Control Control

310 views • 12 slides
Backscatter from a scale-similarity model: embedded LES of channel flow, developing boundary

Backscatter from a scale-similarity model: embedded LES of channel flow, developing boundary

Backscatter from a scale-similarity model: embedded LES of channel flow, developing boundary layer flow and backstep flow [2] Lars Davidson Lars Davidson, www.tfd.chalmers.se/lada Embedded LES: Problem Formulation Interface RANS LES u

582 views • 32 slides
Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow Processor: read instruction, execute it, go to next instruction, repeat Physical control flow Explicit changes: Jumps (conditional, unconditional)

428 views • 8 slides
ex 1. compare and test : conditions Aside: save conditions b,a computes a - b , sets flags,

ex 1. compare and test : conditions Aside: save conditions b,a computes a - b , sets flags,

Conditionals and Control Flow Two key pieces 1. Comparisons and tests: check conditions 2. Transfer control: choose next instruction Control flow Processor Control-Flow State Familiar C constructs Condition codes (a.k.a. flags ) if else l

191 views • 8 slides
Control Structures Lecture 4 COP 3014 Fall 2020 September 10, 2020 Control Flow Control flow

Control Structures Lecture 4 COP 3014 Fall 2020 September 10, 2020 Control Flow Control flow

Control Structures Lecture 4 COP 3014 Fall 2020 September 10, 2020 Control Flow Control flow refers to the specification of the order in which the individual statements, instructions or function calls of an imperative program are executed or

333 views • 19 slides
Protecting RISC-V Processors against Physical Attacks Stefan Mangard, Robert Schilling, Thomas

Protecting RISC-V Processors against Physical Attacks Stefan Mangard, Robert Schilling, Thomas

www.iaik.tugraz.at S C I E N C E P A S S I O N T E C H N O L O G Y Protecting RISC-V Processors against Physical Attacks Stefan Mangard, Robert Schilling, Thomas Unterluggauer, Mario Werner

621 views • 57 slides
Python language: Control Flow The FOSSEE Group Department of Aerospace Engineering IIT Bombay

Python language: Control Flow The FOSSEE Group Department of Aerospace Engineering IIT Bombay

Python language: Control Flow The FOSSEE Group Department of Aerospace Engineering IIT Bombay Mumbai, India FOSSEE Team (FOSSEE IITB) Control flow 1 / 32 Outline Control flow 1 Basic Conditional flow Control flow 2 Basic Looping

560 views • 37 slides
Optimal Control of Plane Poiseuille Flow Workshop on Flow Control, Poitiers 11-14th Oct 04 J.

Optimal Control of Plane Poiseuille Flow Workshop on Flow Control, Poitiers 11-14th Oct 04 J.

Optimal Control of Plane Poiseuille Flow Workshop on Flow Control, Poitiers 11-14th Oct 04 J. Mckernan , J.F .Whidborne , G.Papadakis Cranfield University, U.K. Kings College, London, U.K. Optimal Control of

572 views • 22 slides

More recommend