Smart On Smart by Agoyan, Michel et al.
Smart On Smart 
ANR-07-SESU-014-01
M. Agoyan, P. Bazargan-Sabet, K. Bekkou, 
S. Bouquet, S. Le Henaff, E. Lepavec,
M-H. NGuyen, G. Phan, B. Robisson, 
P. Soquet, F. Wajsbürt.
Colloque « Systèmes embarqués, 









« Attack » = method allowing to extract secret 






























Attacks on physical devices
Cryptanalysis : mathematical analysis of 
plain and cipher texts sets
Side channel attacks (SCA) : analysis of 
the chip environment when it 
performs sensitive computations 
Fault attacks : modifications of the chip 
environment to bypass H/S 
protections 








Light intensity, voltage and frequency 




Internal clock, metallic shields, power 
filter, balanced logic, balanced place and 
route, etc.
Noise generator, dummy instructions 
random insertion, memory 
scrambling, etc.
Mute, reset application or applet, 
delete data (=kill), etc.Reaction CMs
↑security  but ↓performances
Numerous, need a global management 




Given the current and 
previous values of the 
sensors, the circuit has to 
choose
the parameters and the 
activation of the CMs
Strategies of security: main specification
Sensor x
Sensor y



























More availability & more security
Complex strategies of security 
Sensor x
Sensor y
To enable to have dynamically trade-off 
between performance and security











Complex strategies of security 
Optimal security for optimal performances
Objectives of “Smart On Smart” (SOS)
1) Propose a complex strategy of security for a 
representative system
2) Propose HW/SW mecanisms which enable the 
implementation of complex strategies of security
3) Evaluate the gain security/availability
RQ: SOS takes 
advantage of state-of-the-
art CMs but does not aim 







Application: Conditional access for pay-TV
Principle
• Based upon the scrambling of an audio/video flow which can be descrambled
with a key if and only if the correct right is owned by the smartcard.
• 3 class of commands are used by the system :
• Subscription writing (Keys, Rights) Very sensitive
• Descrambling (control word) Sensitive
• Subscriber operations (parental control) Not very sensitive
Needs
• High level of security
• Real time performance
• High level of reliability
Extra needs
• Low power for integration 
in mobile phones



























Host system : Example of CMs
ALU 
Scrambling : Insert randomly 
dummy random instructions
Redundancy : Execute N times 
the same computation and 
compare the results
Parameter = # useful instructions 
# total instructions 
Parameter = N
Sensors : Emulation of 
voltage, clock, light and 
temperature detector
Sensors : Sensitivity of the 
data which are manipulated by 
the application











































































Step 1 : Fuzzy logic
R1 : ``IF the voltage VS is RATHER HIGH and the light (LS) is HIGH 
THEN the “probability” of attack is HIGH ''
Security expert knowledge 























Step 1: fuzzy logic
R0 : ``IF the number of methods that have processed 
without error (NE) is VERY HIGH THEN the 
probability of attack is LOW ''
R1 : ``IF the voltage VS is RATHER HIGH and the 
light (LS) is HIGH THEN the probability of attack is 
HIGH ''
R2: ``IF the number of cryptographic errors (CE) is 





R0’: ``IF the number of PIN code errors (PE), the 
voltage (VS) and the light (LS) are VERY LOW














“Probability” of Attack=0,5 “Probability” of Normal=0,35























































































































































Prototype: Example of communication
1. A sensor event occurs
2. An interruption is raised on 
HS through the ICU
3. AS computes the 
configuration of CMs
4. If needed, the AS 
configures the HW CMs 
and waits until 
acknowledgement 
5. The AS clears the 
interruption
6. If needed, the AS 
configures the SW CMs 
and waits until 
acknowledgement
7. The AS resume the 
execution
S. Audit - HW
S. Audit - SW
S. Hôte - HW
S. Hôte - VM
















Colloque « Systèmes embarqués, 
sécurité et sûreté de fonctionnement »
• Host System :
• 32-bit µprocessor @ 50 MHz
• MIPS-1 instruction set 
• 5-stage pipeline
• Harvard architecture
• 128 KB E2 emulation
• 896 KB  Data/Instruction
• AES-128 
• ISO 7816-3 UART + connector
• UART (111520 bauds) + DB9
• Embedded software stubs for remote 
debugging 
• Embedded fault injection emulation
• Audit system :
•Mips like cpu @50MHz
• 4KB Data
• 32 KB Instruction
• Simple UART + DB9
• ICU + comm FIFO
Based on Xilinx® ML501 virtex5 board
Host System  only :
Number of Slices                       2462 out of 7200   34%
Number of Slice Registers         2421 out of 28800   8%
Host System  + Audit system :
Number of Slices                       3490 out of 7200   48%
Number of Slice Registers        4534 out of 28800  15%
Method of validation
Colloque « Systèmes embarqués, 
sécurité et sûreté de fonctionnement »
Definition of attacks scenarii 
Definition of “normal use” scenarii 
Ongoing… 
Verification of the changes of 
configurations
• No Kill during “normal use” scenarii
• Kill during attacks scenarii
Estimation on the performances and 





• Conclusions and future work
?
Conclusion
• To the best of our knowledge, the only first step towards the 
implementation of complex strategies of security
• Realization of a prototype which aggregates multi-disciplinary expertise
• Promising results
• Re-organization of security features thought the entire system
• Innovative strategy of security based on fuzzy logic 
• Proposal of an architecture enabling the execution of complex 
strategies of security
• Set up of a dedicated HW/SW design methodology (including 
debugging tools and built-in security estimation capabilities)
Future work
• Fine tuning of the current 
rules set
• Security characterization of 
the prototype with ENSMSE-
CMP benches at Gardanne
• Having a trade-off between security/availability raises many questions 
MODEL ATTACKER AND USER!
⇒Which formalism ?
⇒ Expert knowledge & rules set based system 
⇒ Data bases of attacker and user behavior & learning algorithms
⇒Are the current sensors suitable?
⇒ etc.
Thank you for your attention!
Questions?
FAQ on SOS
Is the audit system is a new Side Channel (SCA) or Fault Attack’s (FA) 
leakage source?
No, because the audit system NEVER has access to sensitive 
information (like key) 
If the SA is subject to FA ?
• If it is blocked by FA, the host system will be blocked 
No information leakage
• If it does not compute the right security level
The basic CMs protect the SH; The attacker has to realize SCA or 
FA on the host
If the communication channels are not protected and so, subject to FA?
The basic CMs protect the SH; The attacker has to realize SCA or 
FA on the host
