Fault Attacks on Access Control in Processors: Threat, Formal Analysis and Microarchitectural Mitigation

Process isolation is a key component of the security architecture in any hardware/software system. However, even when implemented correctly and comprehensively at software (SW) level, process may be compromised by weaknesses hardware (HW). Therefore, HW an exhaustive verification desirable which provides needed formal guarantees ensuring confidentiality integrity microarchitecture. The situation further exacerbated if attacker able to inject faults, threat requiring additional attention analysis. In this paper, we consider model where faults and, same time, execute user-level programs. We show that poses severe systems have been hardened against fault attacks for specific, security-critical system software. For protection threat, present methodology access control processors, demonstrate how such are sustained presence injection. Guaranteeing correct robust crucial since it basis hardware. proposed approach implicitly models all possible single multiple bit flips as well stuck-at faults. leverage results our analysis augment with mechanisms guarantee w.r.t. considered model. At example several open source RISC-V both scalability efficiency generated defenses.