A Novel Approach of a Low-Cost Voltage Fault Injection Method for Resource-Constrained IoT Devices: Design and Analysis

被引:2
作者
Ruminot, Nicolas [1 ]
Estevez, Claudio [1 ]
Montejo-Sanchez, Samuel [2 ]
机构
[1] Univ Chile, Dept Elect Engn, Santiago 8940577, Chile
[2] Univ Tecnol Metropolitana, Programa Inst Fomento Invest Desarrollo & Innovac, Santiago 8940577, Chile
关键词
cybersecurity; fault injection attack; Internet of Things (IoT); physical attack; resource-constrained device;
D O I
10.3390/s23167180
中图分类号
O65 [分析化学];
学科分类号
070302 ; 081704 ;
摘要
The rapid development of the Internet of Things (IoT) has brought about the processing and storage of sensitive information on resource-constrained devices, which are susceptible to various hardware attacks. Fault injection attacks (FIAs) stand out as one of the most widespread. Particularly, voltage-based FIAs (V-FIAs) have gained popularity due to their non-invasive nature and high effectiveness in inducing faults by pushing the IoT hardware to its operational limits. Improving the security of devices and gaining a comprehensive understanding of their vulnerabilities is of utmost importance. In this study, we present a novel fault injection method and employ it to target an 8-bit AVR microcontroller. We identify the optimal attack parameters by analyzing the detected failures and their trends. A case study is conducted to validate the efficacy of this new method in a more realistic scenario, focusing on a simple authentication method using the determined optimal parameters. This analysis not only demonstrates the feasibility of the V-FIA but also elucidates the primary characteristics of the resulting failures and their propagation in resource-constrained devices. Additionally, we devise a hardware/software countermeasure that can be integrated into any resource-constrained device to thwart such attacks in IoT scenarios.
引用
收藏
页数:17
相关论文
共 31 条
[1]  
Alrashdi I, 2019, 2019 IEEE 9TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC), P305, DOI 10.1109/CCWC.2019.8666450
[2]   IoT Vulnerability Assessment for Sustainable Computing: Threats, Current Solutions, and Open Challenges [J].
Anand, Pooja ;
Singh, Yashwant ;
Selwal, Arvind ;
Alazab, Mamoun ;
Tanwar, Sudeep ;
Kumar, Neeraj .
IEEE ACCESS, 2020, 8 (168825-168853) :168825-168853
[3]  
[Anonymous], 2022, ISO/IEC 27001
[4]  
[Anonymous], 2021, ISA/IEC 62443
[5]  
Balasch J., 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, P105, DOI 10.1109/FDTC.2011.9
[6]   The sorcerer's apprentice guide to fault attacks [J].
Bar-El, H ;
Choukri, H ;
Naccache, D ;
Tunstall, M ;
Whelan, C .
PROCEEDINGS OF THE IEEE, 2006, 94 (02) :370-382
[7]  
Biham E, 1997, LECT NOTES COMPUT SC, V1294, P513
[8]  
Bozzato C., 2019, IACR T CRYPTOGRAPHIC, P199
[9]   How Practical Are Fault Injection Attacks, Really? [J].
Breier, Jakub ;
Hou, Xiaolu .
IEEE ACCESS, 2022, 10 :113122-113130
[10]   A New Hybrid Fault Tolerance Approach for Internet of Things [J].
Cheraghlou, Mehdi Nazari ;
Khadem-Zadeh, Ahmad ;
Haghparast, Majid .
ELECTRONICS, 2019, 8 (05)