1 research outputs found
Studying EM Pulse Effects on Superscalar Microarchitectures at ISA Level
In the area of physical attacks, system-on-chip (SoC) designs have not
received the same level of attention as simpler micro-controllers. We try to
model the behavior of secure software running on a superscalar out-of-order
microprocessor typical of more complex SoC, in the presence of electromagnetic
(EM) pulses. We first show that it is possible, in a black box approach, to
corrupt the loop iteration count of both original and hardened versions of two
sensitive loops. We propose a characterization methodology based on very simple
codes, to understand and classify the fault effects at the level of the
instruction set architecture (ISA). The resulting classification includes the
well established instruction skip and register corruption models, as well as
new effects specific to more complex processors, such as operand substitution,
multiple correlated register corruptions, advanced control-flow hijacking, and
combinations of all reported effects. This diversity and complexity of effects
can lead to powerful attacks. The proposed methodology and fault classification
at ISA level is a first step towards a more complete characterization. It is
also a tool supporting the designers of software and hardware countermeasures