Visible to the public Biblio

Filters: Author is Auer, Lukas  [Clear All Filters]
2022-10-16
Hauschild, Florian, Garb, Kathrin, Auer, Lukas, Selmke, Bodo, Obermaier, Johannes.  2021.  ARCHIE: A QEMU-Based Framework for Architecture-Independent Evaluation of Faults. 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC). :20–30.
Fault injection is a major threat to embedded system security since it can lead to modified control flows and leakage of critical security parameters, such as secret keys. However, injecting physical faults into devices is cumbersome and difficult since it requires a lot of preparation and manual inspection of the assembly instructions. Furthermore, a single fault injection method cannot cover all possible fault types. Simulating fault injection in comparison, is, in general, less costly, more time-efficient, and can cover a large amount of possible fault combinations. Hence, many different fault injection tools have been developed for this purpose. However, previous tools have several drawbacks since they target only individual architectures or cover merely a limited amount of the possible fault types for only specific memory types. In this paper, we present ARCHIE, a QEMU-based architecture-independent fault evaluation tool, that is able to simulate transient and permanent instruction and data faults in RAM, flash, and processor registers. ARCHIE supports dynamic code analysis and parallelized execution. It makes use of the Tiny Code Generator (TCG) plugin, which we extended with our fault plugin to enable read and write operations from and to guest memory. We demonstrate ARCHIE’s capabilities through automatic binary analysis of two exemplary applications, TinyAES and a secure bootloader, and validate our tool’s results in a laser fault injection experiment. We show that ARCHIE can be run both on a server with extensive resources and on a common laptop. ARCHIE can be applied to a wide range of use cases for analyzing and enhancing open source and proprietary firmware in white, grey, or black box tests.
2020-02-10
Auer, Lukas, Skubich, Christian, Hiller, Matthias.  2019.  A Security Architecture for RISC-V based IoT Devices. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :1154–1159.

New IoT applications are demanding for more and more performance in embedded devices while their deployment and operation poses strict power constraints. We present the security concept for a customizable Internet of Things (IoT) platform based on the RISC-V ISA and developed by several Fraunhofer Institutes. It integrates a range of peripherals with a scalable computing subsystem as a three dimensional System-in-Package (3D-SiP). The security features aim for a medium security level and target the requirements of the IoT market. Our security architecture extends given implementations to enable secure deployment, operation, and update. Core security features are secure boot, an authenticated watchdog timer, and key management. The Universal Sensor Platform (USeP) SoC is developed for GLOBALFOUNDRIES' 22FDX technology and aims to provide a platform for Small and Medium-sized Enterprises (SMEs) that typically do not have access to advanced microelectronics and integration know-how, and are therefore limited to Commercial Off-The-Shelf (COTS) products.