Exploring Embedded Software with Side Channels and Fault Analysis

Given two embedded systems that perform the same task, how can we tell without looking at their source code whether or not they have been independently developed? This is a serious problem that might cause large monetary loss for embedded software companies that distribute their intellectual property (IP) without taking countermeasures against plagiarists. By committing IP violation, the plagiarist can save the cost and time that it took to develop the original software and bring a system with the same functionality but for a cheaper price to market.We address this problem by making use of side channels and faults — properties of physical systems that allow us to distinguish some of the performed instructions and computations. By passively observing the side channels, or even by actively creating them, we can detect plagiarized IP and prove or disprove its existence. In this work we present an overview of our research for IP protection in software.Related lab set-ups for teaching side channel and fault analysis in undergraduate and graduate studies at universities are described. This includes our regularly used Differential Power Analysis (DPA) Lab and Differential Fault Analysis (DFA) Lab as well as advanced labs that result from our research in side channel and fault channel watermarking.