Classification of Quantum Computer Fault Injection Attacks

The rapid growth of interest in quantum computing has brought about the need to secure these powerful machines against a range of physical attacks. As qubit counts increase and quantum computers achieve higher levels of fidelity, their potential to execute novel algorithms and generate sensitive intellectual property becomes more promising. However, there is a significant gap in our understanding of the vulnerabilities these computers face in terms of security and privacy attacks. Among the potential threats are physical attacks, including those orchestrated by malicious insiders within data centers where the quantum computers are located, which could compromise the integrity of computations and resulting data. This paper presents an exploration of fault-injection attacks as one class of physical attacks on quantum computers. This work first introduces a classification of fault-injection attacks and strategies, including the domain of fault-injection attacks, the fault targets, and fault manifestations in quantum computers. The resulting classification highlights the potential threats that exist. By shedding light on the vulnerabilities of quantum computers to fault-injection attacks, this work contributes to the development of robust security measures for this emerging technology.Comment: 7 pages, 4 figure

The epiphytic bryophyte succession of Buxus sempervirens forests in the Fırtına Valley, Rize (North Türkiye)

In this study, the epiphytic bryophyte succession of the Buxus sempervirens L. forests in Fırtına Valley (Çamlıhemşin-Rize, North Türkiye), one of the nine biodiversity hotspots in Türkiye, were investigated. For this purpose, a total of 60 sampling plots were taken from the live trunks of the B. sempervirens trees of different ages. Twenty-nine epiphytic bryophyte species were determined (24 mosses and 5 liverworts) within the sample plots. Also, six different life form types and four different habitat affinity categories were determined. The mat type life form is in the first place with 34.4% whereas the and cortico-saxicolous species are the most common with 51.7%. Two-Way Indicator Species Analysis (TWINSPAN) classified the epiphytic bryophyte communities on the trunks of the B. sempervirens at the second level into two main clusters (A and B) and three sub-clusters (A1, B1 and, B2). Detrended Correspondence Analysis (DCA) axis 1 was interpreted as gradient along the height of the epiphytic habitat (from the lower base to the upper zone) on trunks and the DCA axis 2 was interpreted as gradient of moisture (from mesic to xeric). Exsertotheca crispa (Hedw.) S.Olsson, Enroth & D.Quandt was the species with the highest Index of Ecological Significance (IES) value on the lower bases of the aged trees. Species diversity and epiphytic cover in the upper zones were lower than in the basal and middle zones in the study area. While Metzgeria furcata, (L.) Corda, Oxyrrhynchium hians (Hedw.) Loeske, Plagiothecium nemorale (Mitt.) A.Jaeger, and Radula lindenbergiana Gottsche ex C.Hartm were only found on old trees, Ctenidium molluscum (Hedw.) Mitt. and Pseudoleskeella nervosa (Brid.) Nyholm were only found on middle-aged trees

Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code

Although cryptographic algorithms may be mathematically secure, it is often possible to leak secret information from the implementation of the algorithms. Timing and power side-channel vulnerabilities are some of the most widely considered threats to cryptographic algorithm implementations. Timing vulnerabilities may be easier to detect and exploit, and all high-quality cryptographic code today should be written in constant-time style. However, this does not prevent power side-channels from existing. With constant time code, potential attackers can resort to power side-channel attacks to try leaking secrets. Detecting potential power side-channel vulnerabilities is a tedious task, as it requires analyzing code at the assembly level and needs reasoning about which instructions could be leaking information based on their operands and their values. To help make the process of detecting potential power side-channel vulnerabilities easier for cryptographers, this work presents Pascal: Power Analysis Side Channel Attack Locator, a tool that introduces novel symbolic register analysis techniques for binary analysis of constant-time cryptographic algorithms, and verifies locations of potential power side-channel vulnerabilities with high precision. Pascal is evaluated on a number of implementations of post-quantum cryptographic algorithms, and it is able to find dozens of previously reported single-trace power side-channel vulnerabilities in these algorithms, all in an automated manner

A Model-Driven Engineering Technique for Developing Composite Content Applications

Composite Content Applications (CCA) are cross-functional process solutions built on top of Enterprise Content Management systems assembled from pre-built components. Considering the complexity of CCAs, their analysis and development need higher level of abstraction. Model-driven engineering techniques covering the use of Domain-specific Modeling Languages (DSMLs), can provide the abstraction in question by moving software development from code to models which may increase productivity and reduce development costs. Hence, in this paper, we present MDD4CCA, a DSML for developing CCAs. The DSML presents an abstract syntax, a concrete syntax, and an operational semantics, including model-to-model and model-to-code transformations for CCA implementations. Use of the proposed language is evaluated within an industrial case study

ETAP: Energy-aware Timing Analysis of Intermittent Programs

Energy harvesting battery-free embedded devices rely only on ambient energy harvesting that enables stand-alone and sustainable IoT applications. These devices execute programs when the harvested ambient energy in their energy reservoir is sufficient to operate and stop execution abruptly (and start charging) otherwise. These intermittent programs have varying timing behavior under different energy conditions, hardware configurations, and program structures. This paper presents Energy-aware Timing Analysis of intermittent Programs (ETAP), a probabilistic symbolic execution approach that analyzes the timing and energy behavior of intermittent programs at compile time. ETAP symbolically executes the given program while taking time and energy cost models for ambient energy and dynamic energy consumption into account. We evaluated ETAP on several intermittent programs and compared the compile-time analysis results with executions on real hardware. The results show that ETAP's normalized prediction accuracy is 99.5%, and it speeds up the timing analysis by at least two orders of magnitude compared to manual testing.Comment: Corrected typos in the previous submissio

ETAP: Energy-Aware Timing Analysis of Intermittent Programs

Energy harvesting battery-free embedded devices rely only on ambient energy harvesting that enables stand-alone and sustainable IoT applications. These devices execute programs when the harvested ambient energy in their energy reservoir is sufficient to operate and stop execution abruptly (and start charging) otherwise. These intermittent programs have varying timing behavior under different energy conditions, hardware configurations, and program structures. This article presents Energy-aware Timing Analysis of intermittent Programs (ETAP), a probabilistic symbolic execution approach that analyzes the timing and energy behavior of intermittent programs at compile time. ETAP symbolically executes the given program while taking time and energy cost models for ambient energy and dynamic energy consumption into account. We evaluate ETAP by comparing the compile-time analysis results of our benchmark codes and real-world application with the results of their executions on real hardware. Our evaluation shows that ETAP’s prediction error rate is between 0.0076% and 10.8%, and it speeds up the timing analysis by at least two orders of magnitude compared to manual testing.acceptedVersio

AlloyInEcore: Embedding of First-Order Relational Logic into Meta-Object Facility for Automated Model Reasoning

We present AlloyInEcore, a tool for specifying metamodels with their static semantics to facilitate automated, formal reasoning on models. Software development projects require that software systems be specified in various models (e.g., requirements models, architecture models, test models, and source code). It is crucial to reason about those models to ensure the correct and complete system specifications. AlloyInEcore allows the user to specify metamodels with their static semantics, while, using the semantics, it automatically detects inconsistent models, and completes partial models. It has been evaluated on three industrial case studies in the automotive domain (https://modelwriter.github.io/AlloyInEcore/)

Three Sphagnum taxa new to Turkey and South-West Asia

Sphagnum jensenii, S. fallax var. isoviitae, and S. pylaesii were found as new to Turkey and Southwest Asia following a bryological field trip to the Giresun province of Turkey. Sphagnum fallax var. isoviitae was also new to Asia. Descriptions, illustrations, world distribution, ecology, and comparisons with related species are presented

New epiphytic bryophyte communities from Turkey

The epiphytic bryophyte vegetation of the Kümbet Plateau (Dereli-Giresun) was investigated. A total of 40 relevés taken from tree trunks in different vegetation periods of the year 2019 were analysed using multivariate analysis methods such as detrended correspondence analysis (DECORANA) and two-way indicator species analysis (TWINSPAN), and the Braun-Blanquet method was also applied. As a result, Frullanio tamarisci-Neckeretum pumilae Alataş, Ezer, Batan & Erata ass. nov. and Frullanio tamarisci-Neckeretum pumilae-isothecietosum alopecuroidis Alataş, Ezer, Batan & Erata subass. nov. were described as new syntaxa from Turkey. In addition, Ulotetum crispae -sanionietosum uncinatae was recorded for the first time from Turkey, while Ulotetum crispae was recorded for the second time from Turkey. These syntaxa were analysed in terms of their ecological and floristic aspects

Quantum Circuit Reconstruction from Power Side-Channel Attacks on Quantum Computer Controllers

The interest in quantum computing has grown rapidly in recent years, and with it grows the importance of securing quantum circuits. A novel type of threat to quantum circuits that dedicated attackers could launch are power trace attacks. To address this threat, this paper presents first formalization and demonstration of using power traces to unlock and steal quantum circuit secrets. With access to power traces, attackers can recover information about the control pulses sent to quantum computers. From the control pulses, the gate level description of the circuits, and eventually the secret algorithms can be reverse engineered. This work demonstrates how and what information could be recovered. This work uses algebraic reconstruction from power traces to realize two new types of single trace attacks: per-channel and total power attacks. The former attack relies on per-channel measurements to perform a brute-force attack to reconstruct the quantum circuits. The latter attack performs a single-trace attack using Mixed-Integer Linear Programming optimization. Through the use of algebraic reconstruction, this work demonstrates that quantum circuit secrets can be stolen with high accuracy. Evaluation on 32 real benchmark quantum circuits shows that our technique is highly effective at reconstructing quantum circuits. The findings not only show the veracity of the potential attacks, but also the need to develop new means to protect quantum circuits from power trace attacks. Throughout this work real control pulse information from real quantum computers is used to demonstrate potential attacks based on simulation of collection of power traces