Skip to Main content Skip to Navigation

Méthodes pour la modélisation des injections de fautes électromagnétiques

Abstract : Fault injection attacks represent a considerable threat to cyber-physical systems.Therefore, protection against these attacks is required to ensure a high level of security in sensitive applications such as the Internet of Things, smart devices or connected cars.Developing protection requires a good understanding of the attack mechanisms in order to propose effective countermeasures.In terms of fault injection methods, electromagnetic interference has proven to be an effective source of disruption, being less intrusive and with a low cost setup.Besides the adjustment of the injection parameters, the effectiveness of this attack mean lies in the choice of the probe that generates the electromagnetic radiation.The state of the art already proposes many works related to the design and characterization of this type of injector.However, the corresponding results point out to some difference between those from simulation and those from experimental tests.The first part of the thesis addresses the question of the efficiency of magnetic probes, with a focus on their properties.In order to compare the probes, we propose to observe the impact of electromagnetic pulses at the logic level, on particular targets such as FPGA.The characterization is also established according to the variation of the injection parameters such as the amplitude and the polarity of the pulse, the number of pulses or the injection time.These results allowed to converge on the optimal parameters that maximize the effect of the magnetic probes.The characterization is then extended to the architecture level on microcontroller targets.The purpose of the second contribution is to present an analysis approach, based on three generic methods, which are used to determine the vulnerabilities of microcontrollers with respect to instructions or data.These methods concern the identification of vulnerable elements at the architecture level, the analysis of fault models at the bit level, and finally the definition of the temporal fault status, i.e. transient or semi-persistent.Establishing the fault patterns, as well as the number of the impacted instructions or data, is an important milestone for the design of more robust countermeasures.Regarding the latter, instruction-level countermeasures have been proposed against software fault models.Currently, the most common mechanism is to apply a redundant execution of the program to be protected.However, this type of countermeasure is based on the assumption that a fault injection imply a single instruction jump.With respect to our observations, these countermeasures based on instruction-level duplication present vulnerabilities, which we identify and then correct.
Complete list of metadata
Contributor : ABES STAR :  Contact
Submitted on : Wednesday, October 13, 2021 - 3:16:12 PM
Last modification on : Tuesday, October 19, 2021 - 11:14:15 AM
Long-term archiving on: : Friday, January 14, 2022 - 7:19:11 PM


Version validated by the jury (STAR)


  • HAL Id : tel-03376512, version 1



Oualid Trabelsi. Méthodes pour la modélisation des injections de fautes électromagnétiques. Electronique. Institut Polytechnique de Paris, 2021. Français. ⟨NNT : 2021IPPAT021⟩. ⟨tel-03376512⟩



Record views


Files downloads