PowerModes - POWer EmulatoR and MOdel based DEpendability and Security evaluation platform
Modern societies rely on vast numbers of trusted services in fields as diverse as infrastructure, transportation and the financial markets. Most of these services rely on computer-based information systems, composed of stationary devices as well as an increasing number of mobile devices. All of these devices are required to assure security, dependability and trust for their prospective users. However, a growing number of increasingly refined higher-order fault attacks (FA) aim at extracting sensitive information from these systems. Furthermore, the technological trend towards high-level integration comes at the cost of increased susceptibility to random faults. For this reason, increasingly complex fault detection and recovery mechanisms also have to be integrated into mobile trusted devices. Especially for mobile devices operating on limited power budgets (e.g., battery-powered or energy-harvesting devices), a trade-off between the effectiveness and the power consumption impact of fault attack detection / recovery mechanisms has to be found. Trusted systems hardware and software developers still lack effective development methodologies and tools for exploring this trade-off. Cost and time-to-market pressure are economic drivers for establishing development methodologies and tools that ensure short design cycles. The constantly increasing complexity of mobile trusted devices in recent years further increases the development effort.
The goal of the POWER-MODES project is to provide key innovations in hybrid fault attack and power emulation: (1) integration of a higher-order fault attack emulation and power emulation approach alongside state-of-the-art functional emulation to enable rapid fault attack-aware and power-aware trusted system development, (2) power-effectiveness analysis and optimization of fault attack detection and recovery techniques in the development process of the trusted system, and (3) development, implementation and fabrication of a fault attack-resistant operating system for RF-powered smart cards. It is expected that the proposed approach dramatically increases the possibilities for fault attack- and power-aware development compared to existing commercial solutions. Furthermore, the overhead introduced by the joint fault attack and power emulation approach is likely to be compensated by the added value of the tool chain.

The technological trend towards high-level integration, combined with ever-increasing demands on computational performance, results in more and more complex trusted systems. However, this complexity and the advances in process technology come at the cost of increased susceptibility to interference from outside (e.g., radiation), resulting in faults and erroneous behavior. Furthermore, a growing number of increasingly refined higher-order fault attacks (FA) aim at extracting sensitive information from these systems. The increased vulnerability of trusted systems has to be addressed by hardware and software designers during the development process. Numerous security- and dependability-aware design techniques are employed and have to be tested in order to determine their effectiveness. Especially for mobile devices, the impact of the techniques used on the total power consumption, i.e. the power-efficiency trade-off, is of increased interest. Furthermore, the impact of a (higher-order) fault attack on the power profile is particularly important, as it can be used by an attacker to evaluate the result of an attack and to gain critical information on the state of the system under attack (e.g., side channel attacks).

For trusted systems hardware and software developers, effective tools to quickly evaluate the power-efficiency trade-offs of various fault detection and recovery mechanisms are missing. Simulation-based approaches for complex systems consume vast amounts of execution time, rendering quick design decisions at early design stages impractical. Functional emulation, built upon FPGAs, is a well-known technique for speeding up the functional verification of software for a given target device before its physical implementation is available. For accelerating the verification of power requirements, the power emulation paradigm has recently been introduced in the FIT-IT funded POWERHOUSE project. However, strong limitations remain regarding the quick analysis of the effectiveness of fault attack countermeasures and fault detection mechanisms and their impact on the total power consumption of the system. The analysis and optimization of fault detection and recovery mechanisms, especially considering the power consumption metric, is therefore usually limited to very small design spaces. From an economic point of view, cost and time-to-market pressure are additional reasons for introducing such tools.

The aim of the project is to enable hybrid fault attack and power emulation within a trusted system development process, yielding the following advantages:

  • Run-time power-aware design space exploration for fault detection and recovery techniques through hybrid fault attack and power emulation
  • Accelerated investigation of novel power-efficient fault detection and recovery techniques
  • Faster time-to-market due to accelerated power and security design space exploration and verification


The hybrid higher-order fault attack and power emulation approach combines the benefits of several traditional development processes for secure and dependable embedded systems. Figure 2 outlines multiple aspects of the trusted systems development process that are covered by the POWER-MODES approach. The figure also illustrates the project's claim to develop a concept that can be applied widely and is not restricted to a specific emulator or software development environment. The three goals of the project are pursued as follows.

1. Integration of higher-order fault attack emulation and power emulation approach


The integration of fault attack emulation into the functional and power emulation approach (developed in the currently ongoing POWER-HOUSE project) enables the investigation of the power impact of fault attacks on a given system. Furthermore, quantifying the increased power cost of fault attack detection and recovery mechanisms allows for power-efficiency trade-off decisions.

2. Power-effectiveness analysis and optimization of fault attack detection and recovery techniques in the development process of the trusted system


State-of-the-art and novel fault attack detection and recovery SW and HW techniques are analyzed for their effectiveness and their impact on the power consumption. A power-effectiveness comparison, aiding designers in choosing the optimal technique under the given requirements (e.g., fault detection rates and battery lifetime requirements), is being created.


3. Development, implementation and fabrication of a fault attack-resistant operating system for RF-powered smart cards

The integration of operating system development into the POWER-MODES project ensures the evaluation of the developed methodologies and techniques. The project benefits from the direct feedback of the software developers employing these methodologies and techniques. Furthermore, the fault attack-resistant operating system serves as a proof of concept.

Staff
Project lead
Christian Steger
Ass.Prof. Dipl.-Ing. Dr.techn.
Participants / Staff
Johannes Grinschgl
Dipl.-Ing.
Armin Krieg
Dipl.-Ing. BSc.
Funding body
  • Österreichische Forschungsförderungsgesellschaft mbH (FFG)
Research areas
  • Hardware/Software Co-Design
Start: 30.04.2010
End: 30.10.2012

Selected publications

2013
Journal articles
Christian Steger and Reinhold Weiß. Case study on multiple fault dependability and security evaluations.
Christian Steger and Reinhold Weiß. Power And Fault Emulation For Software Verification and System Stability Testing in Safety Critical Environments.
2012
Journal articles
Christian Steger and Reinhold Weiß. POWER-MODES - POWer EmulatoR and MOdel based Dependability and Security evaluations.
Conference papers
Christian Steger and Reinhold Weiß. Hardware-Accelerated Workload Characterization for Power Modeling and Fault Injection, pp. 149-154.
Christian Steger and Reinhold Weiß. PROCOMON - An Automatically Generated Predictive Control-Signal Monitor, pp. 654-660.
Christian Steger and Reinhold Weiß. Efficient Fault Emulation using Automatic Pre-Injection Memory Access Analysis, pp. 277-282.
Christian Steger and Reinhold Weiß. Acceleration of Fault Attack Emulation by Consideration of Fault Propagation, pp. 239-242.
Christian Steger and Reinhold Weiß. Efficient fault emulation based on post-injection fault effect analysis (PIFEA), pp. 526-529.
Christian Steger and Reinhold Weiß. System Side-Channel Leakage Emulation for HW/SW Security Coverification of MPSoCs, pp. 139-144.
Christian Steger and Reinhold Weiß. Characterization and Handling of Low-Cost Micro-Architectural Signatures in MPSoCs, pp. 62-67.
Other contributions
Acceleration of Fault Attack Emulation by Consideration of Fault Propagation.
2011
Conference papers
Christian Steger and Reinhold Weiß. A Side Channel Attack Countermeasure using System-On-Chip Power Profile Scrambling, pp. 222-227.
Christian Steger and Reinhold Weiß. Automatic Saboteur Placement for Emulation-Based Multi-Bit Fault Injection, pp. 1-8.
Christian Steger and Reinhold Weiß. Run-Time FPGA Health Monitoring using Power Emulation Techniques, pp. 1-4.
Christian Steger and Reinhold Weiß. Accelerating Early Design Phase Differential Power Analysis Using Power Emulation Techniques, pp. 81-86.
Christian Steger and Reinhold Weiß. Modular Fault Injector for Multiple Fault Dependability and Security Evaluations, pp. 550-557.
Other contributions
Run-Time FPGA Health Monitoring using Power Emulation Techniques.