15 research outputs found
The security of heterogeneous systems
The thesis studies the security of the ARM TrustZone technology in the context of complex heterogeneous SoCs. The thesis presents hardware attacks that affect elements of the SoC architecture and it also presents countermeasure strategies.
Sécurité des systèmes sur puce complexes hétérogènes (Security of complex heterogeneous systems-on-chip)
The thesis studies the security of the ARM TrustZone technology in the context of complex heterogeneous SoCs. The thesis presents hardware attacks that affect elements of the SoC architecture and it also presents countermeasure strategies.
Performing Cache Timing Attacks from the Reconfigurable Part of a Heterogeneous SoC—An Experimental Study
Cache attacks are widespread on microprocessors and multi-processor system-on-chips but have not yet spread to heterogeneous systems-on-chip such as SoC-FPGA that are found in increasing numbers of applications on servers or in the cloud. This type of SoC has two parts: a processing system that includes hard components and ARM processor cores and a programmable logic part that includes logic gates to be used to implement custom designs. The two parts communicate via memory-mapped interfaces. One of these interfaces is the accelerator coherency port that provides optional cache coherency between the two parts. In this paper, we discuss the practicability and potential threat of inside-SoC cache attacks using the cache coherency mechanism of a complex heterogeneous SoC-FPGA. We provide proof of two cache timing attacks Flush+Reload and Evict+Time when SoC-FPGA is targeted, and proof of hidden communication using a cache-based covert channel. The heterogeneous SoC-FPGA Xilinx Zynq-7010 is used as an experimental target.
DVFS as a Security Failure of TrustZone-enabled Heterogeneous SoC
Today, most embedded systems use Dynamic Voltage and Frequency Scaling (DVFS) to minimize energy consumption and maximize performance. The DVFS technique works by regulating the important parameters that govern the amount of energy consumed in a system, voltage and frequency. For the implementation of this technique, the operating system (OS) includes software applications that dynamically control a voltage regulator or a frequency regulator or both. In this paper, we demonstrate for the first time a malicious use of the frequency regulator against a TrustZone-enabled System-on-Chip (SoC). We use frequency scaling to create a covert channel in a TrustZone-enabled heterogeneous SoC. We present three different attacks, the first is discreet transmission of sensitive data from the SoC to outside, using electromagnetic emission. The second attack is the inside-SoC transfer of valuable data from a secure ARM core to a non-secure one. The last attack is the inside-SoC transfer of data between a non-trusted third party IP embedded in the programmable logic part of the SoC and a processor core.
Security Assessment of Heterogenous SoC-FPGA: On the Practicability of Cache Timing Attacks
Performing Cache Timing Attacks from the Reconfigurable Part of a Heterogeneous SoC—An Experimental Study
Cache attacks are widespread on microprocessors and multi-processor system-on-chips but have not yet spread to heterogeneous systems-on-chip such as SoC-FPGA that are found in increasing numbers of applications on servers or in the cloud. This type of SoC has two parts: a processing system that includes hard components and ARM processor cores and a programmable logic part that includes logic gates to be used to implement custom designs. The two parts communicate via memory-mapped interfaces. One of these interfaces is the accelerator coherency port that provides optional cache coherency between the two parts. In this paper, we discuss the practicability and potential threat of inside-SoC cache attacks using the cache coherency mechanism of a complex heterogeneous SoC-FPGA. We provide proof of two cache timing attacks Flush+Reload and Evict+Time when SoC-FPGA is targeted, and proof of hidden communication using a cache-based covert channel. The heterogeneous SoC-FPGA Xilinx Zynq-7010 is used as an experimental target.
Towards Malicious Exploitation of Energy Management Mechanisms
Architectures are becoming more and more complex to keep up with the increase of algorithmic complexity. To fully exploit those architectures, dynamic resources managers are required. The goal of dynamic managers is either to optimize the resource usage (e.g. cores, memory) or to reduce energy consumption under performance constraints. However, performance optimization being their main goal, they are not developed to be secure and present vulnerabilities. Recently, it was proven that energy managers can be exploited to cause faults within a processor and it can be used to steal information from a user device. However, this exploitation is not often possible in current commercial devices. In this work, we show current security vulnerabilities through another type of malicious usage of energy management; experimentation shows that it is possible to remotely lock out a device, denying access to all services and data, requiring for example the user to pay a ransom to unlock it. The main target of this exploit are embedded systems and we demonstrate this work by its implementation on two different commercial ARM based devices.
Secure Internal Communication of a TrustZone-Enabled Heterogeneous SoC Lightweight Encryption
Security in TrustZone-enabled heterogeneous system-on-chip (SoC) has been gaining increasing attention for several years, mainly because this type of SoC can be found in more and more applications in servers or in the cloud. The inside-SoC communication layer is one of the main elements of a heterogeneous SoC; indeed all the data goes through it. Monitoring and controlling inside-SoC communications makes it possible to fend off attacks before system corruption. In this article, we study the feasibility of encrypted data exchange between the secure software executed in a trusted execution environment (TEE) and the secure logic part of a heterogeneous SoC. Experiments are done with a Xilinx Zynq-7010 SoC and two lightweight stream ciphers. We show that using lightweight stream ciphers is an efficient solution without excessive overheads.
