QEMU-Based Fault Injection for a System-Level Analysis of Software Countermeasures Against Fault Attacks
作者: Andrea Holler , Armin Krieg , Tobias Rauter , Johannes Iber , Christian Kreiner
DOI: 10.1109/DSD.2015.79
关键词: General protection fault 、 Computer science 、 Segmentation fault 、 Domain (software engineering) 、 Software 、 Software fault tolerance 、 Use case 、 Fault injection 、 Embedded system 、 Fault (power engineering)
摘要: Physical attacks, such as fault pose a decisive threat for the security of devices in Internet Things. An important class countermeasures attacks is tolerant software that applicable systems based on COTS hardware. In order to evaluate against injection needed. However, established approaches require manufactured products or hardware details (e.g. netlists, RTL models), which are not available when using this paper, we present QEMU-based platform supports commercial processors widely-used embedded domain. This framework allows system-level analysis by featuring simulation high-level faults targeting, example, memory cells, register correct execution instructions. The generation realistic attack scenarios. We illustrate practicability approach presenting two exemplary use cases.
elsevier.com
sci-hub.se 参考文章(17)
Andrea Holler, Georg Macher, Tobias Rauter, Johannes Iber, Christian Kreiner, A Virtual Fault Injection Framework for Reliability-Aware Software Development dependable systems and networks. pp. 69- 74 ,(2015) , 10.1109/DSN-W.2015.16
Fabrice Bellard, QEMU, a fast and portable dynamic translator usenix annual technical conference. pp. 41- 41 ,(2005)
Nick Nikiforakis, Steven Van Acker, Wannes Meert, Lieven Desmet, Frank Piessens, Wouter Joosen, Bitsquatting Proceedings of the 22nd international conference on World Wide Web - WWW '13. pp. 989- 998 ,(2013) , 10.1145/2488388.2488474
Andrea Holler, Gerhard Schonfelder, Nermin Kajtazovic, Tobias Rauter, Christian Kreiner, FIES: A Fault Injection Framework for the Evaluation of Self-Tests for COTS-Based Safety-Critical Systems microprocessor test and verification. pp. 105- 110 ,(2014) , 10.1109/MTV.2014.27
Michael Lackner, Reinhard Berlach, Michael Hraschan, Reinhold Weiss, Christian Steger, A Fault Attack Emulation Environment to Evaluate Java Card Virtual-Machine Security digital systems design. pp. 480- 487 ,(2014) , 10.1109/DSD.2014.51
Marc Joye, A Method for Preventing "Skipping" Attacks ieee symposium on security and privacy. pp. 12- 15 ,(2012) , 10.1109/SPW.2012.14
Georg Sigl, Dominik Merli, Frederic Stumpf, Michael Smola, Nikolaus Theissing, Comprehensive analysis of software countermeasures against fault attacks design, automation, and test in europe. pp. 404- 409 ,(2013) , 10.5555/2485288.2485386
Armin Krieg, Christopher Preschern, Johannes Grinschgl, Christian Steger, Christian Kreiner, Reinhold Weiss, Holger Bock, Josef Haid, Power And Fault Emulation for Software Verification and System Stability Testing in Safety Critical Environments IEEE Transactions on Industrial Informatics. ,vol. 9, pp. 1199- 1206 ,(2013) , 10.1109/TII.2012.2220976
Qiang Guan, Nathan Debardeleben, Sean Blanchard, Song Fu, F-SEFI: A Fine-Grained Soft Error Fault Injection Tool for Profiling Application Vulnerability international parallel and distributed processing symposium. pp. 1245- 1254 ,(2014) , 10.1109/IPDPS.2014.128
Fabian Oboril, Ilias Sagar, Mehdi B. Tahoori, A-SOFT-AES: Self-adaptive software-implemented fault-tolerance for AES international on-line testing symposium. pp. 104- 109 ,(2013) , 10.1109/IOLTS.2013.6604059