Fault-Injection Detection Circuits: Design, Calibration, Validation and Tuning

Conference:  Black Hat USA 2022

2022-08-10

Summary

The presentation discusses fault injection attacks and how Intel integrated a tunable replica circuit (TRC) into their Converged Security and Manageability Engine (CSME) to detect such attacks.
  • The primary attack surfaces for non-invasive fault injection are the 32.7 kHz and 38.4 MHz crystals; laser attacks additionally require delidding the package
  • The goal of a fault injection attack is to make circuit timing fail without crashing the platform; the Holy Grail is converting a jump into a no-op
  • The TRC is integrated into CSME to detect fault injection attacks and so mitigate the risk of malware executing on the platform
  • CSME consists of three partitions: the x86 microcontroller, the system agent, and the I/O devices
The presenter explains that the Holy Grail of a fault injection attack is to convert a jump into a no-op at the point where a secure engine authenticates trusted firmware: the authentication check is skipped, so the attacker's firmware runs without being detected. The TRC in CSME is designed to detect such attacks and prevent that malware from executing on the platform.

Abstract

This session covers the tunable replica circuit (TRC), a fault-injection detection circuit that has been integrated into Intel® Converged Security and Management Engine (Intel® CSME) in the recent 12th Gen Intel® Core™ Processor. This is Intel's first foray into active fault-injection attack detection in high-volume products such as CPUs and chipsets. Ultimately, since a timing failure is the primary goal of fault-injection attacks and has been shown as the vehicle to cause unsigned code to run on other security engines, using the TRC to explicitly detect timing failures is Intel's current approach to fault-injection detection in client security engines. Unlike traditional analog voltage and clock monitors, the TRC detects timing failures that result from voltage, clock, temperature, and other glitch attacks, such as electromagnetic radiation. This session will introduce the TRC technology, how the TRC was integrated into Intel CSME, the process for calibrating the TRC in high volume manufacturing (HVM), as well as the false-positive and fault-injection testing that occurred in our physical attack labs.
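To make the calibrate-then-validate idea concrete, here is an added toy model of a replica-path timing detector; it is not Intel's circuit, and every number (clock period, path delay, tuning step, operating corners, the first-order voltage/temperature slowdown) is a constructed assumption. It shows why the replica is tuned as close to the clock edge as the valid operating envelope allows: a glitch that slows the silicon then trips the replica before, or at the latest together with, the real critical path, while no valid corner produces a false alarm.

```python
"""Toy model of a tunable replica circuit (TRC) as a timing-failure detector.

Added illustration, not Intel's design. All constants are constructed values.
"""
from typing import Tuple

CLOCK_PERIOD_PS = 1000.0   # constructed: 1 GHz clock domain
CRITICAL_PATH_PS = 800.0   # constructed: nominal worst-case functional path delay
TRC_STEP_PS = 10.0         # constructed: one tuning step of the replica delay chain

# Constructed valid operating envelope (volts, degrees C) used for calibration.
VALID_CORNERS = [(v, t) for v in (0.95, 1.0, 1.05) for t in (0.0, 25.0, 85.0)]


def scale(voltage: float, temp_c: float) -> float:
    """First-order slowdown factor: lower supply and higher temperature slow logic."""
    return (1.0 / voltage) * (1.0 + 0.001 * (temp_c - 25.0))


def functional_delay(voltage: float, temp_c: float) -> float:
    return CRITICAL_PATH_PS * scale(voltage, temp_c)


def replica_delay(setting: int, voltage: float, temp_c: float) -> float:
    """The replica sits on the same silicon, so its tuned delay scales like the real path."""
    return (CRITICAL_PATH_PS + setting * TRC_STEP_PS) * scale(voltage, temp_c)


def calibrate(max_setting: int = 40) -> int:
    """HVM-style calibration: the largest setting that never trips at any valid corner,
    i.e. the replica is placed as close to the clock edge as possible without false alarms."""
    for setting in range(max_setting, -1, -1):
        if all(replica_delay(setting, v, t) <= CLOCK_PERIOD_PS for v, t in VALID_CORNERS):
            return setting
    raise RuntimeError("no setting passes all valid corners")


def evaluate(setting: int, voltage: float, temp_c: float) -> Tuple[bool, bool]:
    """Return (functional_path_ok, trc_alert) for one operating point or glitch."""
    functional_ok = functional_delay(voltage, temp_c) <= CLOCK_PERIOD_PS
    trc_alert = replica_delay(setting, voltage, temp_c) > CLOCK_PERIOD_PS
    return functional_ok, trc_alert


def false_positive_scan(setting: int) -> int:
    """Validation step: number of valid corners at which the tuned TRC would raise an alarm."""
    return sum(1 for v, t in VALID_CORNERS if evaluate(setting, v, t)[1])


if __name__ == "__main__":
    n = calibrate()
    print(f"calibrated setting {n}: replica nominal {CRITICAL_PATH_PS + n * TRC_STEP_PS:.0f} ps,"
          f" false positives at valid corners: {false_positive_scan(n)}")
    for glitch_v in (0.92, 0.85, 0.78):   # constructed undervolt glitches at 25 C
        ok, alert = evaluate(n, glitch_v, 25.0)
        print(f"glitch to {glitch_v:.2f} V: functional_ok={ok} trc_alert={alert}")
```

Because the replica path is always longer than the functional path and scales with it, any glitch strong enough to cause the functional timing failure the attack needs has already tripped the replica; milder glitches that leave the functional path intact still produce an alert, which is the early warning a defender acts on.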
