{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,24]],"date-time":"2026-02-24T18:32:35Z","timestamp":1771957955631,"version":"3.50.1"},"reference-count":40,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2017,7,28]],"date-time":"2017-07-28T00:00:00Z","timestamp":1501200000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1441710"],"award-info":[{"award-number":["1441710"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000028","name":"Semiconductor Research Corporation","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100000028","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2017,11,30]]},"abstract":"<jats:p>Fault attacks on cryptographic software use faulty ciphertext to reverse engineer the secret encryption key. Although modern fault analysis algorithms are quite efficient, their practical implementation is complicated because of the uncertainty that comes with the fault injection process. First, the intended fault effect may not match the actual fault obtained after fault injection. Second, the logic target of the fault attack, the cryptographic software, is above the abstraction level of physical faults. The resulting uncertainty with respect to the fault effects in the software may degrade the efficiency of the fault attack, resulting in many more trial fault injections than the amount predicted by the theoretical fault attack. In this contribution, we highlight the important role played by the processor microarchitecture in the development of a fault attack. We introduce the microprocessor fault sensitivity model to systematically capture the fault response of a microprocessor pipeline. We also propose Microarchitecture-Aware Fault Injection Attack (MAFIA). MAFIA uses the fault sensitivity model to guide the fault injection and to predict the fault response. We describe two applications for MAFIA. First, we demonstrate a biased fault attack on an unprotected Advanced Encryption Standard (AES) software program executing on a seven-stage pipelined Reduced Instruction Set Computer (RISC) processor. The use of the microprocessor fault sensitivity model to guide the attack leads to an order of magnitude fewer fault injections compared to a traditional, blind fault injection method. Second, MAFIA can be used to break known software countermeasures against fault injection. We demonstrate this by systematically breaking a collection of state-of-the-art software fault countermeasures. These two examples lead to the key conclusion of this work, namely that software fault attacks become much more harmful and effective when an appropriate microprocessor fault sensitivity model is used. This, in turn, highlights the need for better fault countermeasures for software.<\/jats:p>","DOI":"10.1145\/3063311","type":"journal-article","created":{"date-parts":[[2017,7,31]],"date-time":"2017-07-31T12:12:00Z","timestamp":1501503120000},"page":"1-25","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Analyzing the Fault Injection Sensitivity of Secure Embedded Software"],"prefix":"10.1145","volume":"16","author":[{"given":"Bilgiday","family":"Yuce","sequence":"first","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nahid Farhady","family":"Ghalaty","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chinmay","family":"Deshpande","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Harika","family":"Santapuri","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Conor","family":"Patrick","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Leyla","family":"Nazhandali","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Patrick","family":"Schaumont","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,7,28]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-21969-6_21"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2011.9"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2005.862424"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2009.30"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2012.2188769"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1873548.1873555"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-09420-5_9"},{"key":"e_1_2_1_8_1","volume-title":"Proc. of the USENIX Annual Technical Conference, FREENIX Track. 41--46","author":"Bellard Fabrice","year":"2005","unstructured":"Fabrice Bellard . 2005 . QEMU, A fast and portable dynamic translator . In Proc. of the USENIX Annual Technical Conference, FREENIX Track. 41--46 . Fabrice Bellard. 2005. QEMU, A fast and portable dynamic translator. In Proc. of the USENIX Annual Technical Conference, FREENIX Track. 41--46."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2024716.2024718"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-10175-0_16"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-011-0022-y"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2611765.2611769"},{"key":"e_1_2_1_13_1","volume-title":"Retrieved","author":"Gaisler Jiri","year":"2016","unstructured":"Jiri Gaisler . 2016 a. GRLIB IP library . Retrieved June 20, 2016 from http:\/\/www.gaisler.com\/index.php\/products\/ipcores\/soclibrary. Jiri Gaisler. 2016a. GRLIB IP library. Retrieved June 20, 2016 from http:\/\/www.gaisler.com\/index.php\/products\/ipcores\/soclibrary."},{"key":"e_1_2_1_14_1","volume-title":"Retrieved","author":"Gaisler Jiri","year":"2016","unstructured":"Jiri Gaisler . 2016 b. GRMON2 Debug Monitor . Retrieved June 20, 2016 from http:\/\/www.gaisler.com\/index.php\/products\/debug-tools\/grmon2. Jiri Gaisler. 2016b. GRMON2 Debug Monitor. Retrieved June 20, 2016 from http:\/\/www.gaisler.com\/index.php\/products\/debug-tools\/grmon2."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2014.15"},{"key":"e_1_2_1_17_1","unstructured":"Brett Giller. 2015. Implementing Practical Electrical Glitching Attacks. Retrieved from https:\/\/www.blackhat.com\/docs\/eu-15\/materials\/eu-15-Giller-Implementing-Electrical-Glitching-Attacks.pdf.  Brett Giller. 2015. Implementing Practical Electrical Glitching Attacks. Retrieved from https:\/\/www.blackhat.com\/docs\/eu-15\/materials\/eu-15-Giller-Implementing-Electrical-Glitching-Attacks.pdf."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/11506447_4"},{"key":"e_1_2_1_19_1","doi-asserted-by":"crossref","unstructured":"Daniel Gruss Cl\u00e9mentine Maurice and Stefan Mangard. 2015. Rowhammer. js: A Remote Software-induced Fault Attack in Javascript. arXiv preprint arXiv:1507.06955.  Daniel Gruss Cl\u00e9mentine Maurice and Stefan Mangard. 2015. Rowhammer. js: A Remote Software-induced Fault Attack in Javascript. arXiv preprint arXiv:1507.06955.","DOI":"10.1007\/978-3-319-40667-1_15"},{"key":"e_1_2_1_20_1","volume-title":"Proc. of APEMC\u201915","author":"Homma Naofumi","year":"2015","unstructured":"Yu-ichi Hayashi, Naofumi Homma , Takaaki Mizuki , Takafumi Aoki , and Hideaki Sone . 2015 . Fundamental study on fault occurrence mechanisms by intentional electromagnetic interference using impulses . In Proc. of APEMC\u201915 . 585--588. Yu-ichi Hayashi, Naofumi Homma, Takaaki Mizuki, Takafumi Aoki, and Hideaki Sone. 2015. Fundamental study on fault occurrence mechanisms by intentional electromagnetic interference using impulses. In Proc. of APEMC\u201915. 585--588."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29656-7"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2012.2231707"},{"key":"e_1_2_1_24_1","volume-title":"Proc. of the DAC\u201904","author":"Kocher Paul","year":"2004","unstructured":"Paul Kocher , Ruby Lee , Gary McGraw , Anand Raghunathan , and Srivaths Moderator-Ravi . 2004 . Security as a new dimension in embedded system design . In Proc. of the DAC\u201904 . 753--760. Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan, and Srivaths Moderator-Ravi. 2004. Security as a new dimension in embedded system design. In Proc. of the DAC\u201904. 753--760."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2014.11"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/11889700_13"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15031-9_22"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.43"},{"key":"e_1_2_1_29_1","volume-title":"Power analysis attacks - revealing the secrets of smart cards","author":"Mangard Stefan","unstructured":"Stefan Mangard , Elisabeth Oswald , and Thomas Popp . 2007. Power analysis attacks - revealing the secrets of smart cards . Springer . Stefan Mangard, Elisabeth Oswald, and Thomas Popp. 2007. Power analysis attacks - revealing the secrets of smart cards. Springer."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2013.9"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45238-6_7"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/DTIS.2015.7127352"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2011.2174984"},{"key":"e_1_2_1_36_1","volume-title":"Retrieved","author":"Satoh Akashi","year":"2013","unstructured":"Akashi Satoh . 2013 . SAKURA specifications. (2013) . Retrieved June 20, 2016 from http:\/\/satoh.cs.uec.ac.jp\/SAKURA\/hardware\/SAKURA-G_Spec_Ver1.0_English.pdf. Akashi Satoh. 2013. SAKURA specifications. (2013). Retrieved June 20, 2016 from http:\/\/satoh.cs.uec.ac.jp\/SAKURA\/hardware\/SAKURA-G_Spec_Ver1.0_English.pdf."},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2012.17"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2016.18"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2011.12"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2948618.2948626"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2016.21"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2015.16"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/HST.2015.7140240"},{"key":"e_1_2_1_44_1","volume-title":"Proc. of DCIS\u201912","author":"Zussa Loic","year":"2012","unstructured":"Loic Zussa , Jean-Max Dutertre , Jessy Cl\u00e9diere , Bruno Robisson , Assia Tria , and others. 2012 . Investigation of timing constraints violation as a fault injection means . In Proc. of DCIS\u201912 . Loic Zussa, Jean-Max Dutertre, Jessy Cl\u00e9diere, Bruno Robisson, Assia Tria, and others. 2012. Investigation of timing constraints violation as a fault injection means. In Proc. of DCIS\u201912."}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3063311","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3063311","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3063311","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:36:33Z","timestamp":1750217793000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3063311"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,7,28]]},"references-count":40,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2017,11,30]]}},"alternative-id":["10.1145\/3063311"],"URL":"https:\/\/doi.org\/10.1145\/3063311","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"value":"1539-9087","type":"print"},{"value":"1558-3465","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,7,28]]},"assertion":[{"value":"2016-06-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-02-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-07-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}