51 research outputs found

    Efficient design and evaluation of countermeasures against fault attacks using formal verification

    This paper presents a formal verification framework and tool that evaluates the robustness of software countermeasures against fault-injection attacks. By modeling reference assembly code and its protected variant as automata, the framework generates a set of equations for an SMT solver, whose solutions represent possible attack paths. Using the tool we developed, we evaluated the robustness of state-of-the-art countermeasures against fault-injection attacks. Based on insights gathered from this evaluation, we analyze the remaining weaknesses and propose more robust applications of these countermeasures.

    Scalable Verification of Linear Controller Software

    We consider the problem of verifying software implementations of linear time-invariant controllers against mathematical specifications. Given a controller specification, multiple correct implementations may exist, each of which uses a different representation of controller state (e.g., due to optimizations in a third-party code generator). To accommodate this variation, we first extract a controller's mathematical model from the implementation via symbolic execution, and then check input-output equivalence between the extracted model and the specification by similarity checking. We show how to automatically verify the correctness of a C controller implementation using a combination of techniques such as symbolic execution, satisfiability solving and convex optimization. Through evaluation using randomly generated controller specifications of realistic size, we demonstrate that the scalability of this approach is significantly improved compared to our own earlier work based on the invariant checking method.

    Formal Verification of Masked Hardware Implementations in the Presence of Glitches

    Masking provides a high level of resistance against side-channel analysis. However, in practice there are many possible pitfalls when masking schemes are applied, and implementation flaws are easily overlooked. Over recent years, the formal verification of masked software implementations has made substantial progress. In contrast to software implementations, hardware implementations are inherently susceptible to glitches. Therefore, the same methods tailored for software implementations are not readily applicable. In this work, we introduce a method to formally verify the security of masked hardware implementations that takes glitches into account. Our approach does not require any intermediate modeling steps of the targeted implementation and is not bound to a certain leakage model. The verification is performed directly on the circuit's netlist, and also covers higher-order and multivariate flaws. To this end, a sound but conservative estimation of the Fourier coefficients of each gate in the netlist is calculated; these coefficients characterize the statistical dependence of the gates on the inputs and thus allow possible leakages to be predicted. In contrast to existing practical evaluations, like t-tests, this formal verification approach makes security statements that do not depend on specific measurement methods, the number of evaluated leakage traces, or the evaluated devices. Furthermore, flaws detected by the verifier are automatically localized. We have implemented our method on the basis of an SMT solver and demonstrate its suitability on a range of correctly and incorrectly protected circuits of different masking schemes and for different protection orders. Our verifier is efficient enough to prove the security of a full masked AES S-box, and of the Keccak S-box up to the third protection order.

    Automatic Verification of Finite Precision Implementations of Linear Controllers

    We consider the problem of verifying finite precision implementations of linear time-invariant controllers against mathematical specifications. A specification may have multiple correct implementations which differ from each other in controller state representation, but are equivalent from the perspective of input-output behavior (e.g., due to optimization in a code generator). The implementations may use finite precision computations (e.g., floating-point arithmetic) which cause quantization (i.e., roundoff) errors. To address these challenges, we first extract a controller's mathematical model from the implementation via symbolic execution and floating-point error analysis, and then check approximate input-output equivalence between the extracted model and the specification by similarity checking. We show how to automatically verify the correctness of a floating-point controller implementation in C using a combination of techniques such as symbolic execution and convex optimization problem solving. We demonstrate the scalability of our approach through evaluation with randomly generated controller specifications of realistic size.

    Studies on the Colloid Chemistry of Petroleum (Untersuchungen zur Kolloidchemie des Erdöls)


    Maximization of Water Productivity and Yield of Two Iceberg Lettuce Cultivars in Hydroponic Farming System Using Magnetically Treated Saline Water

    Egypt has limited agricultural land, associated with the scarcity of irrigation water and rapid population growth. Hydroponic farming, seawater desalination and magnetic treatment are among the practical solutions for sustaining rapid population growth. In this regard, the main objective of the present research study was to design and construct a hierarchical engineering unit as a hydroponic (soilless) farming system to produce an iceberg lettuce crop using magnetically treated saline water. The treatments included four types of irrigation water: common irrigation water (IW1) with an electrical conductivity (EC) of 0.96 dS/m as a control treatment, magnetically treated common irrigation water (IW2) with an EC of 0.96 dS/m, saline water (IW3) with an EC of 4.56 dS/m and magnetically treated saline water (IW4) with an EC of 4.56 dS/m; three depletion ratios (DR) of field capacity (DR0 = 50%, DR1 = 60% and DR2 = 70%); and three slopes of hydroponic pipes (S1 = 0.0%, S2 = 0.025% and S3 = 0.075%). The results revealed that seawater contributed 7.15% to producing iceberg lettuce in the hydroponic system. The geometric parameter, the slope of the pipes, influenced the obtained luminous intensity by an average increase of 21% and 71% for S2 and S3, respectively, compared with the zero slope (horizontal pipes). Magnetization of irrigation water increased the total soluble solids (TSS) and enhanced the fresh weight and water productivity of both iceberg lettuce varieties used. The maximum percentages of TSS were 5.20% and 5.10% for lemur and iceberg 077, respectively, for the combination IW4DR2S2. The highest values of fresh weight and water productivity of 3.10 kg/m and 39.15 kg/m3 were recorded with the combinations IW3DR2S3 and IW4DR1S3, respectively, for lemur iceberg lettuce. The percentages of these increases were 109.46% and 97.78%, respectively, when compared with the combination IW1DR0S1. The highest values of iceberg lettuce 077 fresh weight and water productivity were 2.93 kg/m and 36.15 kg/m3, respectively, which were recorded with the combination IW4DR1S3. The percentages of these increases were 112.32% and 120.56%, respectively, when compared with IW1DR0S1 (the control treatment).