International Journal of Research and Reviews in Applicable Mathematics & Computer Science, Vol. 2, No 5, 2012

Counter attacking Fault Injections into Embedded Systems

Dr. Sastry JKR, Prof K. Subba Rao, Ms. J. Sasi Bhanu
drsastry@kluniversity.in, director.anqc@kluniversity.in, sasibhanu@klce.ac.in
K L University, Vaddeswaram, Green Fields, Guntur District, PIN-522502

Abstract

Embedded systems are being used for the development and implementation of safety and mission critical systems. Malfunctions of such embedded systems will at times lead to disasters. The embedded systems must be fully secured from outside intervention in order to function effectively and to provide a protective environment for these mission critical systems. Fault injection attacks are one kind of side channel attack that affects embedded systems by injecting a fault into the system. Several attacking systems are discussed in the literature, each requiring its own kind of counter attacking system. Most of the counter attacking systems are not supported by experimental setups. Experimental setups are required because many samples of attacks have to be carried out, and the corresponding counter attacking system is then proved using the output generated by applying the samples. In this paper, an experimental setup is proposed for protecting an embedded system from the latch up effect, which is one of the methods for injecting faults into the system. The latch up effect is implemented using several samples of data by varying the supply voltages. The experimental setup explores the concept of the latch up effect for attacking and a current limiting circuit for countering the latch up effect. A safety critical system for monitoring and controlling the temperatures within a nuclear reactor system is designed and exposed to the experimental setup. The experimental system is tested using simulation and the experimental results are published.
1.0 Introduction

One of the side channel attacks considered a threat to embedded systems is the fault injection attack. A fault injection attack is defined as an attack that requires the injection of some sort of fault during the operation of the target system. Fault injection attacks rely on varying the external parameters and environmental conditions of a system, such as the supply voltage, clock, temperature, radiation, etc., to induce faults in its components.

There are different counter attacking mechanisms for countering fault injection attacks. The counter attacking mechanism varies with the attacking mechanism. Some of these counter attacking mechanisms are to be built in during the design phase, and others are to be implemented as separate circuits, depending on the severity of the attacks implemented and the degree of security required for the embedded system.

One of the methods of injecting faults into an embedded system is the creation of the latch up effect [1]. This effect allows a large amount of current into the circuit, leading to loss of information or even breakage of the chip. To avoid this condition, current limiting circuits are to be introduced to detect this attack and thus prevent the loss of information.

The round rejection method [2] refers to a method of introducing faults by reducing the number of rounds of an encryption algorithm. Counter measures for it would include introducing some form of redundancy within the register referred to as the Round Counter, or introducing random delays and setting up a mechanism to detect the reduction of rounds in the algorithm.

To protect computer systems from unauthorized penetration, intrusion detection is an important component of the overall security solution. Intrusion detection involves anomaly detection, which protects the system from following an anomalous path. Anomalous path detection [3] involves different phases such as n-jump path checking, a training phase and a detection phase.
The technology for defending against optical probing attacks is the development of self-timed dual-rail logic [4]. In dual-rail logic, a 0 or 1 is signaled not by a low or high voltage on a single wire, but by a combination of signals on a pair of wires, i.e. 0 for ‘LH’ and 1 for ‘HL’. Because of this logic, unnecessary flipping of bits due to intense focusing of white light, x-rays or laser light can be avoided.

August Issue Page 63 of 79 ISSN 2249 8931
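The dual-rail encoding described above, modeled in software as an added example (not code from the paper): it encodes a byte with the 0 = 'LH', 1 = 'HL' mapping and shows that flipping any single wire produces a state that is rejected. The function names, the bit packing, and the treatment of both 'LL' and 'HH' as fault indications are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Mapping from the text: logical 0 -> 'LH', logical 1 -> 'HL'.
 * Assumed packing: each wire pair is two bits, L = 0 and H = 1,
 * so LH = 01 and HL = 10, most significant data bit first. */
uint16_t dr_encode(uint8_t value)
{
    uint16_t rails = 0;
    for (int i = 7; i >= 0; i--)
        rails = (uint16_t)((rails << 2) | (((value >> i) & 1u) ? 0x2u : 0x1u));
    return rails;
}

/* Returns the decoded byte (0..255), or -1 if any pair reads LL or HH.
 * Assumption of this model: both of those states signal a fault. */
int dr_decode(uint16_t rails)
{
    int value = 0;
    for (int i = 7; i >= 0; i--) {
        unsigned pair = (rails >> (2 * i)) & 0x3u;
        if (pair == 0x0u || pair == 0x3u)
            return -1;
        value = (value << 1) | (pair == 0x2u);
    }
    return value;
}

/* Flip each of the 16 wires in turn and count how many flips are caught. */
int dr_single_flips_detected(uint8_t value)
{
    uint16_t rails = dr_encode(value);
    int detected = 0;
    for (int w = 0; w < 16; w++)
        if (dr_decode((uint16_t)(rails ^ (1u << w))) < 0)
            detected++;
    return detected;
}

int main(void)
{
    uint8_t sample = 0xA5; /* constructed sample value */
    printf("rails=0x%04X decoded=%d caught=%d/16\n", dr_encode(sample),
           dr_decode(dr_encode(sample)), dr_single_flips_detected(sample));
    /* Flipping both wires of one pair yields a valid code for the opposite bit. */
    printf("double flip decodes as %d\n",
           dr_decode((uint16_t)(dr_encode(sample) ^ 0x3u)));
    return 0;
}
```

Every single-wire flip is caught, but a fault that inverts both wires of the same pair decodes as the opposite bit, so the encoding on its own does not cover that case.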