The growing need for high rate communication of recent embedded systems is leading to the adoption of the PCIe protocol (Peripheral Component Interconnect express) as an internal data bus. This technology is used in some recent smartphones, and will probably be adopted globally in the next few years. The communication between the processor (in the SoC) and its memory through the PCIe bus represents an important source of information for criminal investigations. In this paper, we present a new attack vector on PCIe based on a hardware Man-in-the-Middle. This system allows real-time data analysis, data-replay, and a copy technique inspired by the shadow-copy principle. Through this one, it is possible to locate, duplicate, and replay sensitive data. The main challenge here is to develop an architecture compliant with PCIe protocol constraints, such as response time, frequency, and throughput, in order to be non-detectable to the communication parts. We designed a proof of concept of an emulator based on a computer with PCIe 3.0 bus and a Stratix 5 FPGA with an endpoint PCIe port as a development target.

最近嵌入式系统对高速率通信的需求不断增长，导致采用PCIe协议（外围组件互连Express）作为内部数据总线。这项技术已在最近的一些智能手机中使用，并且可能在未来几年内在全球范围内被采用。处理器（在SoC中）与其内存之间通过PCIe总线进行的通信代表了刑事调查的重要信息来源。在本文中，我们提出了一种基于硬件中间人的PCIe攻击新载体。该系统可以进行实时数据分析，数据重放以及受卷影复制原理启发的复制技术。通过这一步骤，可以查找，复制和重播敏感数据。这里的主要挑战是开发一种符合PCIe协议约束的架构，例如响应时间，频率和吞吐量，以使通信部分无法检测到。我们设计了一种仿真器的概念验证，该仿真器基于具有PCIe 3.0总线的计算机和带有端点PCIe端口作为开发目标的Stratix 5 FPGA。