All accepted publications from SPARTA partners under its funding.
Analysis of a Laser-induced Instructions Replay Fault Model in a 32-bit Microcontroller
V. Khuat, J. M. Dutertre and J. L. DangerAbstract
In this paper, we present a method to obtain a new Laser Fault Injection (LFI)-induced fault model: replay of instructions on a 32-bit Microcontroller (MCU). This method allows a potential adversary to replay a block of two or four instructions with a fault rate up to 100%. These faults are induced by laser pulses and cause the instructions updating process of a Flash buffer to fail. As a result, the new instructions failing to be stored in the Flash buffer, the previous ones are replayed. We deeply studied the properties of this replay fault model by many experiments of laser fault injections. We have notably shown that the sensitivity window is proportional to the laser Pulse Width (PW), and that up to 20 instructions in a row were tested to be overwritten due to replaying five times the block of four instructions. The effects of the laser power and cache status (enabled or disabled) are also presented. Finally, we proposed and assessed a simple method to detect the LFI-induced replay faults using a hardware counter with different increments. Our results extend the ability of LFI on MCU, illustrating the accuracy and reproducibility of LFI