Hardware Security Vulnerability Assessment to Identify the Potential Risks in A Critical Embedded Application

Internet of Things (IoT) is experiencing significant growth in the safety-critical applications which have caused new security challenges. These devices are becoming targets for different types of physical attacks, which are exacerbated by their diversity and accessibility. Therefore, there is a strict necessity to support embedded software developers to identify and remediate the vulnerabilities and create resilient applications against such attacks. In this paper, we propose a hardware security vulnerability assessment based on fault injection of an embedded application. In our security assessment, we apply a fault injection attack by using our clock glitch generator on a critical medical IoT device. Furthermore, we analyze the potential risks of ignoring these attacks in this embedded application. The results will inform the embedded software developers of various security risks and the required steps to improve the security of similar MCU-based applications. Our hardware security assessment approach is easy to apply and can lead to secure embedded IoT applications against fault attacks.