Recruiting Fault Tolerance Techniques for Microprocessor Security

The growing threat of various attacks on modern microprocessors and systems calls for major design overhauls ranging from plugging micro-architectural side channels such as due to speculative execution to implementing cryptographic accelerators for side-channel and fault attack resistance. In this paper, we suggest to focus on the similarities and the differences between fault tolerance techniques and countermeasures against attacks on security sensitive systems. Modern digital circuits and systems use a diverse set of techniques to ensure operational correctness in the presence of faults. From a security perspective, the goal is to ensure a set of stated security properties hold in the presence of 'security faults' (extending the notion of conventional faults to include injected faults as well as vulnerabilities such as passive side-channels). A point of note here is that under some security faults, the operational correctness may not be compromised. This paper advocates the re-purposing of some of the known fault tolerance techniques, and show how those can be useful for enhancing security in the presence of active side-channel attacks. As a simple illustration of these ideas, we present an experimental case study in fortifying a cryptographic sub-component of a RISC-V based secure system-on-chip, against a formidable fault attack called SIFA.

[1]  Arnab Raha,et al.  Towards full-system energy-accuracy tradeoffs: A case study of an approximate smart camera system? , 2017, 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC).

[2]  Barry W. Johnson Fault-Tolerant Microprocessor-Based Systems , 1984, IEEE Micro.

[3]  Christian Engelmann,et al.  Resilience Design Patterns: A Structured Approach to Resilience at Extreme Scale , 2016, Supercomput. Front. Innov..

[4]  Andreas Peter Burg,et al.  Statistical fault injection for impact-evaluation of timing errors on application performance , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[5]  Andrew B. Kahng,et al.  Accuracy-configurable adder for approximate arithmetic designs , 2012, DAC Design Automation Conference 2012.

[6]  Luca Faust,et al.  Computer Organization And Architecture Designing For Performance , 2016 .

[7]  Avi Mendelson,et al.  ITUS: A Secure RISC-V System-on-Chip , 2019, 2019 32nd IEEE International System-on-Chip Conference (SOCC).

[8]  Srdjan Capkun,et al.  Software Grand Exposure: SGX Cache Attacks Are Practical , 2017, WOOT.

[9]  Ingrid Verbauwhede,et al.  The Fault Attack Jungle - A Classification Model to Guide You , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[10]  Michael S. Floyd,et al.  Fault - tolerant design of the IBM POWER6™ microprocessor , 2007, 2007 IEEE Hot Chips 19 Symposium (HCS).

[11]  Adi Shamir,et al.  Cache Attacks and Countermeasures: The Case of AES , 2006, CT-RSA.

[12]  Eric Rotenberg,et al.  AR-SMT: a microarchitectural approach to fault tolerance in microprocessors , 1999, Digest of Papers. Twenty-Ninth Annual International Symposium on Fault-Tolerant Computing (Cat. No.99CB36352).

[13]  Michael Nicolaidis Time redundancy based soft-error tolerance to rescue nanometer technologies , 1999, Proceedings 17th IEEE VLSI Test Symposium (Cat. No.PR00146).

[14]  Todd M. Austin,et al.  DIVA: a reliable substrate for deep submicron microarchitecture design , 1999, MICRO-32. Proceedings of the 32nd Annual ACM/IEEE International Symposium on Microarchitecture.

[15]  Mustafa Khairallah,et al.  A Countermeasure Against Statistical Ineffective Fault Analysis , 2020, IEEE Transactions on Circuits and Systems II: Express Briefs.

[16]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[17]  N. Seifert,et al.  Robust system design with built-in soft-error resilience , 2005, Computer.

[18]  Irith Pomeranz,et al.  Transient-fault recovery using simultaneous multithreading , 2002, Proceedings 29th Annual International Symposium on Computer Architecture.

[19]  Shubhendu S. Mukherjee,et al.  Transient fault detection via simultaneous multithreading , 2000, Proceedings of 27th International Symposium on Computer Architecture (IEEE Cat. No.RS00201).

[20]  Chris Fallin,et al.  Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors , 2014, 2014 ACM/IEEE 41st International Symposium on Computer Architecture (ISCA).

[21]  Kaushik Roy,et al.  Approximate Computing: An Energy-Efficient Computing Technique for Error Resilient Applications , 2015, 2015 IEEE Computer Society Annual Symposium on VLSI.

[22]  Ravishankar K. Iyer,et al.  Recent advances and new avenues in hardware-level reliability support , 2005, IEEE Micro.

[23]  Robert E. Lyons,et al.  The Use of Triple-Modular Redundancy to Improve Computer Reliability , 1962, IBM J. Res. Dev..

[24]  Alessandro Barenghi,et al.  Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures , 2012, Proceedings of the IEEE.