LVC21F-116 Assessing the effectiveness of MCUBoot protections against fault injection attacks

Session Abstract

Level: Introductory and overview  MCUboot is used as the secure boot loader for TF-M, and it recently had countermeasures added to make it more secure in the face of fault injection attacks. This talk will present the outcomes of a 6-months internship spent on assessing the effectiveness of those protections and will cover: - Overview of fault injection and how can be used to affect the behaviour of a system. - Introduce the MCUboot project and the software countermeasures against physical attacks. - Present the test setup and how the tests were performed. - Evaluate the effectiveness of the current protection schemes under different conditions (compiler options and protection levels). - Suggest improvements based on the evaluation results.

Session Speakers

Ever ATILANO

Cybersecurity Intern at Arm (Arm)

Currently, I am doing my final-year internship at Arm, in Paris, to obtain my master degree's in electronics and computer science at Sorbonne University. During my internship, I've been working on assessing the effectiveness of MCUBoot protections against fault injection attacks. In my free time, I like to play the violin and play some video games.

Arnaud de Grandmaison

Distinguished Engineer at Arm

Arnaud started back in 1995 at VLSI Technology as a an ASIC design engineer. He then moved to a System Architect role, before focusing for about 12 years on compilers, for custom architectures before joining Arm in 2014. He is now working in the Advanced Product Development group in the toolchain group, where he researches on tooling and solutions for improving the products' security, with a focus on physical attacks, e.g; fault injection and side channel.

Level: Introductory and overview 

MCUboot is used as the secure boot loader for TF-M, and it recently had countermeasures added to make it more secure in the face of fault injection attacks. This talk will present the outcomes of a 6-months internship spent on assessing the effectiveness of those protections and will cover: - Overview of fault injection and how can be used to affect the behaviour of a system. - Introduce the MCUboot project and the software countermeasures against physical attacks. - Present the test setup and how the tests were performed. - Evaluate the effectiveness of the current protection schemes under different conditions (compiler options and protection levels). - Suggest improvements based on the evaluation results.

comments powered by Disqus

Other Posts

Sign up. Receive Updates. Stay informed.

Sign up to our mailing list to receive updates on the latest Linaro Connect news!