TY - GEN
T1 - CompaSeC
T2 - 28th Asia and South Pacific Design Automation Conference, ASP-DAC 2023
AU - Geier, Johannes
AU - Auer, Lukas
AU - Mueller-Gritschneder, Daniel
AU - Sharif, Uzair
AU - Schlichtmann, Ulf
N1 - Publisher Copyright:
© 2023 Copyright held by the owner/author(s).
PY - 2023/1/16
Y1 - 2023/1/16
N2 - Fault-injection attacks are a risk for any computing system executing security-relevant tasks, such as a secure boot process. While hardware-based countermeasures to these invasive attacks have been found to be a suitable option, they have to be implemented via hardware extensions and are thus not available in most Commonly used Off-The-Shelf (COTS) components. Software Implemented Hardware Fault Tolerance (SIHFT) is therefore the only valid option to enhance a COTS system's resilience against fault attacks. Established SIHFT techniques usually target the detection of random hardware errors for functional safety and not targeted attacks. Using the example of a secure boot system running on a RISC-V processor, in this work we first show that when the software is hardened by these existing techniques from the safety domain, the number of vulnerabilities in the boot process to single, double, triple, and quadruple instruction skips cannot be fully closed. We extend these techniques to the security domain and propose Compiler-assisted Security Countermeasure (CompaSeC). We demonstrate that CompaSeC can close all vulnerabilities for the studied secure boot system. To further reduce performance and memory overheads we additionally propose a method for CompaSeC to selectively harden individual vulnerable functions without compromising the security against the considered instruction skip faults.
AB - Fault-injection attacks are a risk for any computing system executing security-relevant tasks, such as a secure boot process. While hardware-based countermeasures to these invasive attacks have been found to be a suitable option, they have to be implemented via hardware extensions and are thus not available in most Commonly used Off-The-Shelf (COTS) components. Software Implemented Hardware Fault Tolerance (SIHFT) is therefore the only valid option to enhance a COTS system's resilience against fault attacks. Established SIHFT techniques usually target the detection of random hardware errors for functional safety and not targeted attacks. Using the example of a secure boot system running on a RISC-V processor, in this work we first show that when the software is hardened by these existing techniques from the safety domain, the number of vulnerabilities in the boot process to single, double, triple, and quadruple instruction skips cannot be fully closed. We extend these techniques to the security domain and propose Compiler-assisted Security Countermeasure (CompaSeC). We demonstrate that CompaSeC can close all vulnerabilities for the studied secure boot system. To further reduce performance and memory overheads we additionally propose a method for CompaSeC to selectively harden individual vulnerable functions without compromising the security against the considered instruction skip faults.
KW - Compiler
KW - Fault injection attack
KW - RISC-V
KW - Redundancy
UR - https://www.scopus.com/pages/publications/85148487212
U2 - 10.1145/3566097.3567925
DO - 10.1145/3566097.3567925
M3 - Conference contribution
AN - SCOPUS:85148487212
T3 - Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC
SP - 676
EP - 682
BT - ASP-DAC 2023 - 28th Asia and South Pacific Design Automation Conference, Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 16 January 2023 through 19 January 2023
ER -