The growing complexity of embedded systems comes with a strong corollary: the security level has to increase accordingly, since new and powerful attacks take advantage of any flaw and ignore boundaries that are no longer pertinent, such as the one between software and hardware. Physical attacks are particularly effective threats against the confidentiality, integrity or authenticity of systems. Traditional research on side-channel and fault injection analysis has dealt with breaking cryptographic primitives (like guessing an AES key), but the set of potential applications is wider, since physical attacks, and fault injection in particular, can target the integrity of code execution. For example, an attack may entirely disrupt the authentication and encryption processes of a secure boot, giving the attacker unrestricted privileges. To thwart this worrying threat, several protections have been proposed, such as software-based Control Flow Integrity (CFI) or hardware-based monitoring of the control flow or code integrity (at the price of high overheads), but most of the proposed protection schemes do not cover all the levels of a system (hardware, ISA, software). The COFFI project aims at demonstrating how co-design approaches leveraging the interaction between software and hardware may significantly improve Control Flow and Execution Integrity (CFEI) against powerful physical attacks (see figure <TBD>). Taking advantage of the complementary expertise of its consortium, composed of three academic partners (ARMINES, CEA, Sorbonne University) and an industrial actor in the field of secure microprocessors (ISSM/INVIA), COFFI will cover integrity against both instruction-based and data-based obstruction paradigms, with the objective of reaching the best trade-off between security properties and performance overheads.
To fulfill its scientific objectives, COFFI will demonstrate its results on a set of representative and relevant use cases, using the RISC-V platform (the open source instruction set architecture) to implement the secure components, more particularly with an FPGA prototype, as well as porting practical solutions to ISSM's proprietary microprocessor, called S8. The efficiency of the innovative solutions developed in COFFI will be evaluated using state-of-the-art fault injection (such as laser beam) and side-channel analysis equipment.
The ANR COFFI project
COFFI meets the ninth challenge of the ANR 2018 work program, more particularly with the development of innovative schemes for the “protection of information systems” (challenge 9, axis 1.4), and will be part of the National Research Strategy (SNR) under its 41st orientation, on the “resilience of the security system”.
Contact
Olivier Potin
Phone: +33 4 42 61 67 37
Postal address
ANR-COFFI École des Mines de Saint-Étienne
Centre de Micro-électronique de Provence
880, avenue de Mimet, F-13120 Gardanne, France