Share

µArchiFI: pre-silicon formal analysis of vulnerabilities against fault injection attacks

#Cybersecurity #Fault injection #open source #Pre-silicon formal analysis

µArchiFI is a pre-silicon formal analysis tool for evaluating the robustness of embedded systems against fault injection attacks. In particular, µArchiFI is able to take into account the subtle interactions between a microarchitecture and the software executed on a processor.
µArchiFI enables users to:

  • identify exploitable software-level vulnerabilities relying on interactions between software and hardware,
  • formally prove the security of embedded systems integrating fault injection countermeasures.

µArchiFI is available as an open-source basis.

What it is for

Pre-silicon analysis of processor microarchitectures

Fault injection attacks exploit physical perturbations (radiation, clock disturbances, etc.) in embedded systems to gain access to sensitive data or escalate execution privileges. Fault effects propagate from the hardware level up to the software level, making purely hardware- or software-based models insufficient.

µArchiFI enables a comprehensive analysis by jointly considering the processor, the software stack, and the attacker model, thereby helping designers develop and formally verify countermeasures against fault injection attacks.

Advantages

Recognized expertise, advanced features, and technological sovereignty

µArchiFI stands out for its key strengths:

  • Pre-silicon analysis of the software-level consequences, on binary executables, of applying fault models to RTL (Register Transfer Level) processor designs.
  • Exhaustive analysis technique using formal methods.
  • Original analysis methodology for hardware countermeasures applicable at the hardware netlist level.
  • Applicability to a wide range of processors, including secured processors featuring hardware and/or software countermeasures, as well as cryptographic hardware accelerators.
Applications

Vulnerability detection

µArchiFI can identify potential vulnerabilities in a hardware/software system or formally prove its robustness against a given fault model.

µArchiFI is therefore a valuable tool for countermeasure designers, enabling them to evaluate the security benefits of proposed protections during the design phase. Throughout system development, hardware designers can analyze the detected vulnerabilities in order to refine both the specification and the implementation of the countermeasures.

In addition, µArchiFI can be used to assess the overall robustness of a system against fault injection attacks.

Use case

Analysis of a Secure Boot Mechanism within a Hardware Root of Trust (RoT)

A key component in the security of System-on-Chip (SoC) platforms is the hardware Root of Trust (RoT). Traditionally, the robustness evaluation of an RoT relies on costly post-silicon characterization campaigns whose results may vary depending on the evaluator, the tools, and the testing methodology.

In collaboration with Technical University of Graz (TU Graz), the development of a new technique called k-FRP (k-Fault Resistant Partitioning) enabled a world-first achievement: a security analysis of OpenTitan against fault injection attacks. OpenTitan was developed by a consortium of digital systems and cybersecurity industry leaders.

Success stories

A series of world-firsts

µArchiFI claims several world-first achievements demonstrating its technological advances:

  • Automated identification of vulnerabilities on a non-secure processor and the discovery of new fault effects exploiting microarchitectural behaviors (2022).
  • Proof-of-robustness of a combined hardware/software countermeasure against fault-injection attacks (2022).
  • Identification of a previously-unknown vulnerability in the OpenTitan hardware RoT; the formal verification that the patch applied to the OpenTitan design effectively fixes the vulnerability, and therefore the proof of robustness of its secure processor against a single fault injection (2024).
  • Demonstration that the identified vulnerability was not exploitable within the first 2,500 instructions of the OpenTitan boot code first stage (2024).

Publications

 

Go to the µArchiFI page on Github

See also

#pre-silicon analysis #Systems engineering and digital twins #μArchiFI
2024 Activity Report

Analyzing robustness of secure systems against fault injection attacks: in processor microarchitecture
Fault injection attacks threaten the security of digital systems. CEA-List and Graz Technical University (Austria) developed a new pre-silicon analysis method that led to the world’s first demons...
Read more
Focus areas

Cybersecurity: toward safety and privacy by design
Cybersecurity is at the heart of digital sovereignty, and an essential constituent of modern societies. As a crucial element for peace and security in cyberspace, it is an invisible but key enabler fo...
Read more
#Cybersecurity #software analysis #surety
Technology platforms

Cybersecurity
Cybersecurity is about analyzing vulnerabilities in complex digital systems and using innovative technologies to find new ways of preventing cyberattacks.
Read more