The technological trend towards high-level integration, combined with ever increasing demands on computational performance, results in more and more complex trusted systems. However, this complexity and the advances in process technology come at the cost of increased susceptibility to interference from outside (e.g., radiation), resulting in faults and erroneous behavior. Furthermore, a growing number of increasingly refined higher-order fault attacks (FA) aim at extracting sensitive information from these systems. The increased vulnerability of trusted systems has to be addressed by hardware and software designers during the development process. Numerous security- and dependability-aware design techniques are employed and have to be tested in order to determine their effectiveness. Especially for mobile devices, the impact of the techniques used on the total power consumption, i.e. the power-efficiency trade-off, is of increased interest. Furthermore, the impact of a (higher-order) fault attack on the power profile is particularly important, as it can be used by an attacker to evaluate the result of an attack and to gain critical information on the state of the system under attack (e.g., side-channel attacks).
For hardware and software developers of trusted systems, effective tools to quickly evaluate the power-efficiency trade-offs of various fault detection and recovery mechanisms are missing. Simulation-based approaches for complex systems consume vast amounts of execution time, making quick design decisions at early design stages impractical. Functional emulation, built upon FPGAs, is a well-known technique for speeding up the functional verification of software for a given target device before its physical implementation is available. For accelerating the verification of power requirements, the power emulation paradigm has recently been introduced in the FIT-IT funded POWERHOUSE project. However, strong limitations exist regarding the quick analysis of the effectiveness of fault attack countermeasures and fault detection mechanisms and their impact on the total power consumption of the system. The analysis and optimization of fault detection and recovery mechanisms, especially considering the power consumption metric, is therefore usually limited to very small design spaces. From an economic point of view, cost and time-to-market pressure are additional reasons for introducing such tools.
The aim of the project is to enable hybrid fault attack and power emulation within a trusted system development process, yielding the following advantages:
The goal of the POWER-MODES project is to provide key innovations in hybrid fault attack and power emulation: (1) integration of a higher-order fault attack emulation and power emulation approach alongside state-of-the-art functional emulation to enable rapid fault-attack-aware and power-aware trusted system development, (2) power-effectiveness analysis and optimization of fault attack detection and recovery techniques in the development process of the trusted system, and (3) development, implementation and fabrication of a fault-attack-resistant operating system for RF-powered smart cards. It is expected that the proposed approach dramatically increases the possibilities for fault-attack-aware and power-aware development compared to existing commercial solutions. Furthermore, the overhead introduced by the joint fault attack and power emulation approach is likely to be compensated by the added value of the tool chain. The hybrid higher-order fault attack and power emulation approach combines the benefits of several traditional development processes for secure and dependable embedded systems. Figure 2 outlines multiple aspects of the trusted systems development process that are covered by the POWER-MODES approach. The figure also outlines the claim of the project to develop a concept that can be applied widely and is not restricted to a specific emulator or software development environment.
The integration of an operating system development into the POWER-MODES project ensures the evaluation of the developed methodologies and techniques. The project benefits from the direct feedback of the software developers employing these methodologies and techniques. Furthermore, the fault-attack-resistant operating system serves as a proof of concept.