34 research outputs found

    An Enhanced Debugger for Real-Time Fault Injection on Microprocessor Systems

    As electronic devices get smaller and more complex, dependability assurance is becoming fundamental for many mission-critical computer-based systems. This paper presents a case study on the possibility of using the on-chip debug infrastructures present in most current microprocessors to execute real-time fault injection campaigns. The proposed methodology is based on a debugger, customized for fault injection and designed for maximum flexibility, and consists of injecting bit-flip type faults into memory elements without modifying or halting the target application. The proposed solution is easily portable and applicable to different architectures, providing a flexible and efficient mechanism for verifying and validating fault tolerant components.

    Towards Accurate Estimation of Error Sensitivity in Computer Systems

    Fault injection is an increasingly important method for assessing, measuring and observing the system-level impact of hardware and software faults in computer systems. This thesis presents the results of a series of experimental studies in which fault injection was used to investigate the impact of bit-flip errors on program execution. The studies were motivated by the fact that transient hardware faults in microprocessors can cause bit-flip errors that can propagate to the microprocessor's instruction set architecture registers and main memory. As the rate of such hardware faults is expected to increase with technology scaling, there is a need to better understand how these errors (known as 'soft errors') influence program execution, especially in safety-critical systems. Using ISA-level fault injection, we investigate how five aspects, or factors, influence the error sensitivity of a program. We define error sensitivity as the conditional probability that a bit-flip error in live data in an ISA register or main-memory word will cause a program to produce silent data corruption (SDC; i.e., an erroneous result). We also consider the estimation of a measure called SDC count, which represents the number of ISA-level bit flips that cause an SDC. The five factors addressed are (a) the inputs processed by a program, (b) the level of compiler optimization, (c) the implementation of the program in the source code, (d) the fault model (single bit flips vs double bit flips) and (e) the fault-injection technique (inject-on-write vs inject-on-read). Our results show that these factors affect the error sensitivity in many ways; some factors strongly impact the error sensitivity or SDC count whereas others show a weaker impact. For example, our experiments show that single bit flips tend to cause SDCs more often than double bit flips; compiler optimization positively impacts the SDC count but not necessarily the error sensitivity; the error sensitivity varies between 20% and 50% among the programs we tested; and variations in input affect the error sensitivity significantly for most of the tested programs.

    Dynamic Laser Fault Injection Aided by Quiescent Photon Emissions in Embedded Microcontrollers: Apparatus, Methodology and Attacks

    The Internet of Things (IoT) is becoming more integrated into our daily life with the increasing number of embedded electronic devices interacting together. These electronic devices are often controlled by a Micro-Controller Unit (MCU). As an example, it is estimated that today's well-equipped automobile uses more than 50 MCUs. Some MCUs contain cryptographic co-processors to enhance the security of the exchanged and stored data, with a common belief that the data is secured and safe. However, many MCUs have been shown to be vulnerable to Fault Injection (FI) attacks. These attacks can reveal shared secrets, firmware, and other confidential information. In addition, the information extracted by such attacks can lead to the identification of new vulnerabilities, which may scale to attacks on many devices. In general, FI on MCUs corrupts data or instructions. Although it is assumed that only authorized personnel with access to cryptographic secrets will gain access to confidential information in MCUs, attackers in specialized labs nowadays may have access to high-tech equipment which could be used to attack these MCUs. Laser Fault Injection (LFI) is gaining a reputation for its ability to inject local faults rather than global ones due to its precision, thus posing a greater risk of breaking security in many devices. Although publications have generally discussed the topic of MCU security, attack techniques are diverse and published LFI work provides few and superficial details about the experimental setup and methodology used. Furthermore, limited research has examined the combination of LFI and Photo-Emission Microscopy (PEM), direct modification of instructions using LFI, control of embedded processor resets using LFI, and countermeasures which simultaneously thwart other aspects including decapsulation and reverse engineering (RE).
    This thesis contributes to the study of MCU security by analyzing their susceptibility to LFI attacks and PEM. The proposed research aims to build an LFI bench from scratch allowing maximum control of laser parameters. In addition, a methodology for analysis of the Device Under Attack (DUA) in preparation for LFI is proposed, including frontside/backside decapsulation methods and visualization of the structure of the DUA. Analysis of the attack viability of different targets on the DUA, including One-Time Programmable (OTP) memory, Flash memory and Static Random Access Memory (SRAM), was performed. A realistic attack on a cryptographic algorithm, namely the Advanced Encryption Standard (AES), using LFI was conducted. On the other hand, countermeasures to the proposed attack techniques, including decapsulation/RE, LFI and PEM, are discussed. This dissertation provides a summary of the necessary background and experimental setup to study the possibility of LFI and PEM in different DUAs of two different technologies, specifically the PIC16F687 and the ARM Cortex-M0 LPC1114FN28102. Attacks performed on on-chip peripherals such as the Universal Asynchronous Receiver/Transmitter (UART) and debug circuitry reveal new vulnerabilities. This research is important for understanding attacks in order to design countermeasures for securing future hardware.

    Affordable techniques for dependable microprocessor design

    As high computing power is available at an affordable cost, we rely on microprocessor-based systems for a much greater variety of applications. This dependence indicates that a processor failure could have more diverse impacts on our daily lives. Therefore, dependability is becoming an increasingly important quality measure of microprocessors. Temporary hardware malfunctions caused by unstable environmental conditions can lead the processor to an incorrect state. This is referred to as a transient error or soft error. Studies have shown that soft errors are the major source of system failures. This dissertation characterizes the soft error behavior of microprocessors and presents new microarchitectural approaches that can realize high dependability with low overhead. Our fault injection studies using RISC processors have demonstrated that different functional blocks of the processor have distinct susceptibilities to soft errors. This error susceptibility information must be reflected in devising fault tolerance schemes for cost-sensitive applications. Considering the common use of on-chip caches in modern processors, we investigated area-efficient protection schemes for memory arrays. The idea of caching redundant information was exploited to optimize resource utilization for increased dependability. We also developed a mechanism to verify the integrity of data transfer from lower level memories to the primary caches. The results of this study show that by exploiting bus idle cycles and the information redundancy, an almost complete check of the initial memory data transfer is possible without incurring a performance penalty. For protecting the processor's control logic, which usually remains unprotected, we propose a low-cost reliability enhancement strategy. We classified control logic signals into static and dynamic control depending on their changeability, and applied various techniques including commit-time checking, signature caching, component-level duplication, and control flow monitoring. Our schemes can achieve more than 99% coverage with a very small hardware addition. Finally, a virtual duplex architecture for superscalar processors is presented. In this system-level approach, the processor pipeline is backed up by a partially replicated pipeline. The replication-based checker minimizes the design and verification overheads. For a large-scale superscalar processor, the proposed architecture can bring a 61.4% reduction in die area while sustaining the maximum performance.

    Robustness by design of circuits implemented on SRAM FPGAs and validation by fault injection

    This thesis focuses primarily on the evaluation of the functional effects of errors occurring in the SRAM configuration memory of some FPGAs. The Xilinx Virtex II Pro family is used as a first case study. Experiments under a laser beam gave us a good overview of the realistic error patterns produced by real disturbance sources. A suitable fault injection methodology has thus been defined to improve design-time robustness evaluation of a circuit implemented on this type of technology. This methodology is based on runtime reconfiguration. The same approach was then evaluated on several technological targets, which required the development of several fault injection environments. The study included for the first time the ATMEL AT40K family, which offers a unique and efficient reconfiguration mode. The second contribution concerns the low-cost improvement of the robustness of designs implemented on SRAM-based FPGA platforms. We propose a selective protection approach exploiting the FPGA resources left unused by the application. The approach has been automated on several technological targets (Xilinx, Altera) and its efficiency has been analyzed using the fault injection techniques previously developed.

    NASA Technology Plan 1998

    This NASA Strategic Plan describes an ambitious, exciting vision for the Agency across all its Strategic Enterprises that addresses a series of fundamental questions of science and research. This vision is so challenging that it literally depends on the success of an aggressive, cutting-edge advanced technology development program. The objective of this plan is to describe the NASA-wide technology program in a manner that provides not only the content of ongoing and planned activities, but also the rationale and justification for these activities in the context of NASA's future needs. The scope of this plan is Agency-wide, and it includes technology investments to support all major space and aeronautics program areas, but particular emphasis is placed on longer term strategic technology efforts that will have broad impact across the spectrum of NASA activities and perhaps beyond. Our goal is to broaden the understanding of NASA technology programs and to encourage greater participation from outside the Agency. By relating technology goals to anticipated mission needs, we hope to stimulate additional innovative approaches to technology challenges and promote more cooperative programs with partners outside NASA who share common goals. We also believe that this will increase the transfer of NASA-sponsored technology into nonaerospace applications, resulting in an even greater return on the investment in NASA.

    Implementation and characterization of a high-abstraction-level fault injection method

    Today, the effect of cosmic rays on electronics is well known. Numerous studies have shown that neutrons are the main cause of non-destructive errors in integrated circuits aboard aircraft. Moreover, the shrinking of transistor sizes makes circuits increasingly sensitive to them. Radiation-tolerant circuits are sometimes used to improve circuit robustness. However, these circuits are expensive and their technology tends to lag a few generations behind non-tolerant circuits. Designers therefore prefer to use conventional circuits and apply mitigation methods to improve tolerance to transient errors. Throughout the design of a circuit, it is essential to analyze and verify its reliability. Conventional design methodologies need to be adapted in order to evaluate tolerance to the non-destructive errors caused by radiation. Today, designers need new tools and new methodologies to validate their mitigation strategies in order to meet their tolerance requirements. In this thesis, a new methodology is proposed that captures the faulty behavior of a circuit at a low level of abstraction and applies it at a higher level. To this end, the new concept of a Signature of a circuit's faulty behavior is introduced. A Signature makes it possible to create, at a high level of abstraction (system level), models that accurately reflect the faulty behavior of a circuit learned at a low level, the logic-gate level. The faulty behaviors of an adder and of an 8-bit multiplier were reproduced in Simulink with correlation coefficients of 98.53% and 99.86% respectively.
    A methodology for generating a library of faulty components in Simulink is proposed, with the aim of allowing designers to verify the tolerance of their models early in the design of a circuit. The results obtained for three circuits are presented and discussed throughout this thesis. As part of this project, a scientific paper was published at the NEWCAS 2013 conference (Robache et al., 2013). That work presents the new concept of the faulty-behavior Signature, the Signature generation methodology that was developed, and a proof of concept with an 8-bit multiplier.

    Performance evaluation of PROFIBUS-DP networks supported by fault injection techniques

    Doctoral thesis. Electrical and Computer Engineering. Faculdade de Engenharia. Universidade do Porto. 200

    A cumulative index to a continuing bibliography on aeronautical engineering

    This bibliography is a cumulative index to the abstracts contained in NASA-SP-7037(184) through NASA-SP-7037(195) of Aeronautical Engineering: A Continuing Bibliography. NASA SP-7037 and its supplements have been compiled through the cooperative efforts of the American Institute of Aeronautics and Astronautics (AIAA) and the National Aeronautics and Space Administration (NASA). This cumulative index includes subject, personal author, corporate source, foreign technology, contract, report number, and accession number indexes.