Zu Beginn des Kolloquiumsvortrags verleiht die Firma Philips Medizin Systeme Preise an Studierende der Fakultät Informatik und Informationstechnik. Der Kolloquiumsvortrag beginnt um ca. 17:20 Uhr.
→ Informationen zur Preisverleihung der Firma Philips Medizin Systeme

Vortrag 3: Mittwoch 16.06.2021, 17:20 Uhr

Fault Injection Attacks

For microcontrollers (µC) in embedded systems and those which deploy IoT technology are at risk by cyber attacks just as well as any computer requiring Cybersecurity protection. For these µC, which are everywhere: transportation, medical, industrial, infrastructure and personal products, cyber attacks range from denial of service (DOS), fault-inject attacks (FIA), espionage, ransom, identity theft, etc.

Thefts or DOS on µC not only occur with networks or root of trust (RoT) breaching, but though power and voltage monitoring and control. Power analysis could reveal passwords, boot security bypassing, collecting private key(s), etc by extracting data from the busses on the µC. Another approach is to disrupt with FIA or DOS by changing the behavior of the microprocessor (µP).

FIA create the possibility to bypass embedded security mechanisms, create DOS, or disrupt the functionality of the µC by effecting the µP. In forensic terms, executing code could be “tricked” in bypassing password authenticity checking, conditionals could be disrupted by loading incorrect data or skipping loading or decoding opcodes. This can be done by clock-glitching, voltage-glitching, or electromagnetic fault injection (EMFI). However, intimate knowledge of the µP architecture is key.