An automated and scalable formal process for detecting fault injection vulnerabilities in binaries - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Article Dans Une Revue Concurrency and Computation: Practice and Experience Année : 2018

An automated and scalable formal process for detecting fault injection vulnerabilities in binaries

Thomas Given-Wilson
  • Fonction : Auteur
  • PersonId : 955938
Threat Analysis and Mitigation for Information Security
Annelie Heuser
Threat Analysis and Mitigation for Information Security
Nisrine Jafri
  • Fonction : Auteur
  • PersonId : 993128
Threat Analysis and Mitigation for Information Security
Axel Legay
  • Fonction : Auteur
  • PersonId : 861400
Département d'Ingénierie Informatique - UCL

Résumé

Fault injection has increasingly been used both to attack software applications, and to test system robustness. Detecting fault injection vulnerabilities has been approached with a variety of different but limited methods. This paper proposes an extension of a recently published general model checking based process to detect fault injection vulnerabilities in binaries. This new extension makes the general process scalable to real-world implementions which is demonstrated by detecting vulnerabilities in different cryptographic implementations.

Domaines

Informatique [cs]
Fichier principal
Vignette du fichier
main.pdf (311.59 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Nisrine JAFRI  : Connectez-vous pour contacter le contributeur

https://inria.hal.science/hal-01960940

Soumis le : mercredi 19 décembre 2018-16:51:48

Dernière modification le : vendredi 24 mars 2023-14:53:09

Télécharger pour visualiser

Dates et versions

hal-01960940 , version 1 (19-12-2018)
hal-01960940 , version 2 (19-12-2018)

Identifiants

Citer

Thomas Given-Wilson, Annelie Heuser, Nisrine Jafri, Axel Legay. An automated and scalable formal process for detecting fault injection vulnerabilities in binaries. Concurrency and Computation: Practice and Experience, 2018, pp.1-12. ⟨10.1002/cpe.4794⟩. ⟨hal-01960940v2⟩

Exporter

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

UNIV-RENNES1 CNRS INRIA INSA-RENNES IRISA CENTRALESUPELEC INRIA2 UR1-MATH-STIC UR1-UFR-ISTIC CHAIRE-CYBERSECURITE UNIV-RENNES UR1-MATH-NUM
111 Consultations
247 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More