Let's shock our IoT's heart: ARMv7-M under (fault) attacks - Archive ouverte HAL Access content directly
Conference Papers Year : 2018

Let's shock our IoT's heart: ARMv7-M under (fault) attacks

(1) , (2) , (1, 2) , (3)
1
2
3

Abstract

A fault attack is a well-known technique where the behaviour of a chip is voluntarily disturbed by hardware means in order to undermine the security of the information handled by the target. In this paper, we explore how Electromagnetic fault injection (EMFI) can be used to create vulnerabilities in sound software, targeting a Cortex-M3 microcontroller. Several use-cases are shown experimentally: control flow hijacking, buffer overflow (even with the presence of a canary), covert backdoor insertion and Return Oriented Programming can be achieved even if programs are not vulnerable in a software point of view. These results suggest that the protection of any software against vulnerabilities must take hardware into account as well.
Fichier principal
Vignette du fichier
ares18.pdf (1.25 Mo) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01950842 , version 1 (12-12-2018)

Identifiers

Cite

Sebanjila Kevin Bukasa, Ronan Lashermes, Jean-Louis Lanet, Axel Legay. Let's shock our IoT's heart: ARMv7-M under (fault) attacks. ARES 2018 - 13th International Conference on Availability, Reliability and Security, Aug 2018, Hambourg, Germany. pp.1-6, ⟨10.1145/3230833.3230842⟩. ⟨hal-01950842⟩
152 View
419 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More