Choudhury, M., Gao, M., Varna, A., Peer, E., & Forte, D. (2024). TRANSPOSE: Transitional Approaches for Spatially-Aware LFI Resilient FSM Encoding. arXiv preprint arXiv:2411.02798.
This paper introduces TRANSPOSE, a novel CAD framework designed to enhance the security of Finite State Machines (FSMs) against Laser Fault Injection (LFI) attacks by generating LFI-resistant state encodings and optimizing floorplan layouts.
The authors propose a new security metric called Spatial Transitional Vulnerability Metric (STVM) that considers both the spatial proximity of flip-flops (FFs) in the layout and the specific authorized transitions in the FSM. They categorize FFs into secure FFs (SFFs) and normal FFs (NFFs) based on their spatial separation and vulnerability to laser attacks. TRANSPOSE utilizes Integer Linear Programming (ILP) to generate optimized state encodings that minimize switching activity while ensuring a minimum Hamming distance between authorized and unauthorized states. Additionally, it employs ILP for floorplan optimization, strategically placing SFFs to prevent simultaneous laser faults on multiple critical FFs.
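The encoding constraint described above can be checked by brute force on a small machine. The following is an added example, not code from the paper or the TRANSPOSE tool: it does not run an ILP and does not compute STVM. The state names, both encodings and the fault assumption stated in the `audit` docstring are constructed for illustration.

```python
# Added example: audits an FSM state encoding (not the TRANSPOSE tool).

# Constructed 4-state controller: current state -> authorized next states.
TRANSITIONS = {
    "IDLE":   {"IDLE", "AUTH"},
    "AUTH":   {"IDLE", "UNLOCK"},
    "UNLOCK": {"UNLOCK", "RUN"},
    "RUN":    {"RUN", "IDLE"},
}

# Constructed encodings: plain binary, and a 5-bit code with pairwise distance >= 3.
BINARY = {"IDLE": "00", "AUTH": "01", "UNLOCK": "10", "RUN": "11"}
SPREAD = {"IDLE": "00000", "AUTH": "00111", "UNLOCK": "11001", "RUN": "11110"}


def hamming(a, b):
    """Number of flip-flops whose value differs between two codewords."""
    if len(a) != len(b):
        raise ValueError("codewords must have equal width")
    return sum(x != y for x, y in zip(a, b))


def audit(encoding, transitions, d_min):
    """Return (smallest distance found, list of violations below d_min).

    Assumption: a fault corrupts the register while it loads an authorized
    next state, so the risk is that code landing on a state that is not
    authorized from the current state.
    """
    smallest, violations = None, []
    for cur, allowed in sorted(transitions.items()):
        for nxt in sorted(allowed):
            for bad in sorted(set(encoding) - allowed):
                d = hamming(encoding[nxt], encoding[bad])
                smallest = d if smallest is None else min(smallest, d)
                if d < d_min:
                    violations.append((cur, nxt, bad, d))
    return smallest, violations


def switching_activity(encoding, transitions):
    """Total bit toggles over all authorized transitions (the overhead side)."""
    return sum(hamming(encoding[s], encoding[t])
               for s, allowed in transitions.items() for t in allowed)


if __name__ == "__main__":
    for name, enc, d_min in (("binary", BINARY, 2), ("spread", SPREAD, 3)):
        smallest, bad = audit(enc, TRANSITIONS, d_min)
        print(name, "min distance", smallest, "violations", len(bad),
              "switching", switching_activity(enc, TRANSITIONS))
```

The wider code removes every sub-threshold pair but more than doubles the toggle count, which is the security-versus-overhead trade-off an optimizer has to balance.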
The paper demonstrates that existing state-based LFI countermeasures, which rely on the bit-flip model, can lead to inaccurate vulnerability assessments and fail to provide adequate security against precise set-reset LFI attacks. TRANSPOSE addresses these limitations by incorporating the precise set-reset model and considering the spatial arrangement of FFs in its vulnerability analysis. Experimental results on five benchmark FSM controllers demonstrate that TRANSPOSE outperforms existing FSM encoding schemes in terms of security and overhead.
TRANSPOSE offers a comprehensive and efficient solution for enhancing FSM resilience against LFI attacks. By considering both spatial and transitional vulnerabilities, it enables the generation of secure state encodings and optimized floorplan layouts that minimize the risk of unauthorized state transitions due to LFI.
This research significantly contributes to the field of hardware security by providing a practical and automated framework for designing LFI-resilient FSMs. The proposed STVM metric and the consideration of precise set-reset models enhance the accuracy of vulnerability assessments, leading to more effective countermeasures against LFI attacks.
The paper primarily focuses on univariate LFI attacks, where faults are injected within a single clock cycle. Future research could explore extending TRANSPOSE to address multivariate LFI attacks that span multiple clock cycles. Additionally, investigating the effectiveness of TRANSPOSE against emerging LFI techniques, such as laser beam shaping and multi-spot LFI, would be valuable.
Key insights distilled from: by Muhtadi Chou... at arxiv.org, 11-06-2024
https://arxiv.org/pdf/2411.02798.pdf