Visible to the public Biblio

Filters: Author is Hély, D.  [Clear All Filters]
2021-03-29
Kazemi, Z., Fazeli, M., Hély, D., Beroulle, V..  2020.  Hardware Security Vulnerability Assessment to Identify the Potential Risks in A Critical Embedded Application. 2020 IEEE 26th International Symposium on On-Line Testing and Robust System Design (IOLTS). :1—6.

Internet of Things (IoT) is experiencing significant growth in the safety-critical applications which have caused new security challenges. These devices are becoming targets for different types of physical attacks, which are exacerbated by their diversity and accessibility. Therefore, there is a strict necessity to support embedded software developers to identify and remediate the vulnerabilities and create resilient applications against such attacks. In this paper, we propose a hardware security vulnerability assessment based on fault injection of an embedded application. In our security assessment, we apply a fault injection attack by using our clock glitch generator on a critical medical IoT device. Furthermore, we analyze the potential risks of ignoring these attacks in this embedded application. The results will inform the embedded software developers of various security risks and the required steps to improve the security of similar MCU-based applications. Our hardware security assessment approach is easy to apply and can lead to secure embedded IoT applications against fault attacks.

2021-03-15
Bresch, C., Lysecky, R., Hély, D..  2020.  BackFlow: Backward Edge Control Flow Enforcement for Low End ARM Microcontrollers. 2020 Design, Automation Test in Europe Conference Exhibition (DATE). :1606–1609.
This paper presents BackFlow, a compiler-based toolchain that enforces indirect backward edge control flow integrity for low-end ARM Cortex-M microprocessors. BackFlow is implemented within the Clang/LLVM compiler and supports the ARM instruction set and its subset Thumb. The control flow integrity generated by the compiler relies on a bitmap, where each set bit indicates a valid pointer destination. The efficiency of the framework is benchmarked using an STM32 NUCLEO F446RE microcontroller. The obtained results show that the control flow integrity solution incurs an execution time overhead ranging from 1.5 to 4.5%.
2018-06-07
Bresch, C., Michelet, A., Amato, L., Meyer, T., Hély, D..  2017.  A red team blue team approach towards a secure processor design with hardware shadow stack. 2017 IEEE 2nd International Verification and Security Workshop (IVSW). :57–62.

Software attacks are commonly performed against embedded systems in order to access private data or to run restricted services. In this work, we demonstrate some vulnerabilities of commonly use processor which can be leveraged by hackers to attack a system. The targeted devices are based on open processor architectures OpenRISC and RISC-V. Several software exploits are discussed and demonstrated while a hardware countermeasure is proposed and validated on OpenRISC against Return Oriented Programming attack.

2018-02-02
Marconot, J., Pebay-Peyroula, F., Hély, D..  2017.  IoT Components LifeCycle Based Security Analysis. 2017 Euromicro Conference on Digital System Design (DSD). :295–298.

We present in this paper a security analysis of electronic devices which considers the lifecycle properties of embedded systems. We first define a generic model of electronic devices lifecycle showing the complex interactions between the numerous assets and the actors. The method is illustrated through a case study: a connected insulin pump. The lifecycle induced vulnerabilities are analyzed using the EBIOS methodology. An analysis of associated countermeasures points out the lack of consideration of the life cycle in order to provide an acceptable security level of each assets of the device.