A Novel Approach of a Low-Cost Voltage Fault Injection Method for Resource-Constrained IoT Devices: Design and Analysis-Reference-Cited by-同舟云学术

A Novel Approach of a Low-Cost Voltage Fault Injection Method for Resource-Constrained IoT Devices: Design and Analysis

Published:2023-08-15 Issue:16 Volume:23 Page:7180
ISSN:1424-8220
Container-title:Sensors
language:en
Short-container-title:Sensors

Author:

Ruminot Nicolás¹^ORCID,Estevez Claudio¹^ORCID,Montejo-Sánchez Samuel²^ORCID

Affiliation:

1. Department of Electrical Engineering, Universidad de Chile, Santiago 8940577, Chile

2. Programa Institucional de Fomento a la Investigación, Desarrollo e Innovación, Universidad Tecnológica Metropolitana, Santiago 8940577, Chile

Abstract

The rapid development of the Internet of Things (IoT) has brought about the processing and storage of sensitive information on resource-constrained devices, which are susceptible to various hardware attacks. Fault injection attacks (FIAs) stand out as one of the most widespread. Particularly, voltage-based FIAs (V-FIAs) have gained popularity due to their non-invasive nature and high effectiveness in inducing faults by pushing the IoT hardware to its operational limits. Improving the security of devices and gaining a comprehensive understanding of their vulnerabilities is of utmost importance. In this study, we present a novel fault injection method and employ it to target an 8-bit AVR microcontroller. We identify the optimal attack parameters by analyzing the detected failures and their trends. A case study is conducted to validate the efficacy of this new method in a more realistic scenario, focusing on a simple authentication method using the determined optimal parameters. This analysis not only demonstrates the feasibility of the V-FIA but also elucidates the primary characteristics of the resulting failures and their propagation in resource-constrained devices. Additionally, we devise a hardware/software countermeasure that can be integrated into any resource-constrained device to thwart such attacks in IoT scenarios.

Funder

ANID FONDECYT Iniciación

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry

Link

https://www.mdpi.com/1424-8220/23/16/7180/pdf

Reference31 articles.

1. (2022). Related Standards Information Security Management (Standard No. ISO/IEC 27001). Technical Report.

2. Cherdantseva, Y., and Hilton, J. (2013, January 2–6). A reference model of information assurance & security. Proceedings of the 2013 International Conference on Availability, Reliability and Security, Regensburg, Germany.

3. IoT vulnerability assessment for sustainable computing: Threats, current solutions, and open challenges;Anand;IEEE Access,2020

4. (2021). Series of Standards, 2021 (Standard No. ISA/IEC 62443).

5. Lueth, K.L. (2020). State of the IoT 2020: 12 Billion IoT Connections, Surpassing Non-IoT for the First Time, International Organization for Standardization. Technical Report, IoT Analytics.

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Keyless Entry: Breaking and Entering eMMC RPMB with EMFI;Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks;2024-05-27

2. Differential Fault and Algebraic Equation Combined Analysis on PICO;Mathematics;2024-02-28