TY - GEN
T1 - Multiple and Reproducible Fault Models on Micro-controller using Electromagnetic Fault Injection
AU - Khuat, Vanthanh
AU - Trabelsi, Oualid
AU - Sauvage, Laurent
AU - Danger, Jean Luc
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/7/26
Y1 - 2021/7/26
N2 - In this paper, we present a method to obtain multiple and reproducible fault models on a 32-bit Micro-controller (MCU) using Electromagnetic Fault Injection (EMFI). By using different Pulse Width (PW), this method allows to obtain either a replay or skip of instructions fault model with a fault rate up to 100%. Specifically, a replay of an instruction block is obtained with the PW of 1.5 nano second (ns), whereas a skip of an instruction block is observed with the PW of 7.0 ns. With these types of fault model, an adversary may be able to retrieve secret information, as cryptographic key, by using efficient attacks. The study is carried out by enabling or disabling the cache. The only difference is that the resulting faulty block is either 32 bits when the cache is disabled or 64 bits when the cache is enabled. The impact of the Pulse Amplitude (PA) has been analyzed, and the fault model has been characterized at bit level. These results demonstrate the efficiency and the flexibility of the EMFI which should be considered for designing robust MCU.
AB - In this paper, we present a method to obtain multiple and reproducible fault models on a 32-bit Micro-controller (MCU) using Electromagnetic Fault Injection (EMFI). By using different Pulse Width (PW), this method allows to obtain either a replay or skip of instructions fault model with a fault rate up to 100%. Specifically, a replay of an instruction block is obtained with the PW of 1.5 nano second (ns), whereas a skip of an instruction block is observed with the PW of 7.0 ns. With these types of fault model, an adversary may be able to retrieve secret information, as cryptographic key, by using efficient attacks. The study is carried out by enabling or disabling the cache. The only difference is that the resulting faulty block is either 32 bits when the cache is disabled or 64 bits when the cache is enabled. The impact of the Pulse Amplitude (PA) has been analyzed, and the fault model has been characterized at bit level. These results demonstrate the efficiency and the flexibility of the EMFI which should be considered for designing robust MCU.
KW - Characterization
KW - Electromagnetic fault injection
KW - Fault models
KW - Micro-controller
UR - https://www.scopus.com/pages/publications/85118402945
U2 - 10.1109/EMC/SI/PI/EMCEurope52599.2021.9559288
DO - 10.1109/EMC/SI/PI/EMCEurope52599.2021.9559288
M3 - Conference contribution
AN - SCOPUS:85118402945
T3 - 2021 Joint IEEE International Symposium on Electromagnetic Compatibility Signal and Power Integrity, and EMC Europe, EMC/SI/PI/EMC Europe 2021
SP - 667
EP - 672
BT - 2021 Joint IEEE International Symposium on Electromagnetic Compatibility Signal and Power Integrity, and EMC Europe, EMC/SI/PI/EMC Europe 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2021 Joint IEEE International Symposium on Electromagnetic Compatibility Signal and Power Integrity, and EMC Europe, EMC/SI/PI/EMC Europe 2021
Y2 - 26 July 2021 through 20 August 2021
ER -