ARMORY: Fully Automated and Exhaustive Fault Simulation on ARM-M Binaries
IEEE Transactions on Information Forensics and Security (IF 6.3), published 2020-09-29, DOI: 10.1109/tifs.2020.3027143
Max Hoffmann , Falk Schellenberg , Christof Paar

Embedded systems are ubiquitous. However, because users, and likewise attackers, have physical access to them, they are frequently exposed to fault attacks: a single fault during the computation of a cryptographic primitive can lead to a total loss of system security. This can have serious consequences, e.g., in safety-critical systems, including bodily harm and catastrophic technical failures. Countermeasures, however, often focus on isolated fault models and high layers of abstraction. This leads to a dangerous sense of security, because exploitable faults that are only visible at the machine-code level might not be covered by countermeasures. In this work we present ARMORY, a fully automated open-source framework for exhaustive fault simulation on binaries of the ubiquitous ARM-M class. It allows engineers and analysts to efficiently scan a binary for potential weaknesses against arbitrary combinations of multi-variate fault injections under a large variety of fault models. Using ARMORY, we demonstrate the power of fully automated fault analysis and the dangerous implications of applying countermeasures without knowledge of physical addresses and offsets. As examples, we analyze two case studies that are highly relevant in practice: a DFA on AES (cryptographic) and a secure bootloader (non-cryptographic). Our results show that numerous exploitable faults found by ARMORY in the actual implementations are easily missed in manual inspection. Crucially, most faults are only visible when machine-code information, i.e., addresses and offsets, is taken into account. Surprisingly, we show that a countermeasure that protects against one type of fault can substantially increase the vulnerability to other fault models. Our work demonstrates the need for countermeasures that, at least in their evaluation, are not restricted to isolated fault models and that consider low-level information during the design process.
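To make the idea of an exhaustive, multi-variate fault scan concrete, here is an added toy simulator. It is not ARMORY's code and does not operate on ARM-M binaries: it defines a small made-up register ISA, two constructed fault models (instruction skip and single-bit register flip at an instruction boundary), and two constructed bootloader-style check routines, one with a plain compare-and-branch and one with the comparison duplicated. The scan enumerates every single fault, and every pair of faults, and reports the combinations that make the check accept a wrong digest. The accept value, the digests, the programs and the fault models are all assumptions for this illustration; the counts it produces say nothing about the paper's case studies.

```python
"""Toy exhaustive fault simulator for a tiny register ISA.

Added example, not ARMORY's code: it enumerates every fault location admitted
by a set of fault models (and every pair of faults for a multi-variate
campaign) against a bootloader-style accept/reject check. The ISA, the two
fault models and both programs are constructed for this illustration.
"""
from itertools import combinations

# Register widths in bits; "z" is the zero flag modelled as a 1-bit register.
REG_BITS = {"r0": 8, "r1": 8, "r2": 8, "z": 1}
ACCEPT, REJECT = 1, 0   # assumed: the caller boots only on an exact 1

# Unprotected check: r0 is the computed digest, r1 the reference digest.
# Branch targets are absolute instruction indices.
UNPROTECTED = (
    ("ldr", "r2", REJECT),  # 0: result := reject
    ("cmp", "r0", "r1"),    # 1: z := (r0 == r1)
    ("bne", 4),             # 2: if not z: goto 4
    ("ldr", "r2", ACCEPT),  # 3: result := accept
    ("ret", "r2"),          # 4: return result
)

# Same check with the comparison duplicated, the classic countermeasure
# against a single skipped branch.
DUPLICATED = (
    ("ldr", "r2", REJECT),  # 0
    ("cmp", "r0", "r1"),    # 1
    ("bne", 6),             # 2
    ("cmp", "r0", "r1"),    # 3
    ("bne", 6),             # 4
    ("ldr", "r2", ACCEPT),  # 5
    ("ret", "r2"),          # 6
)


def run(program, r0, r1, faults=(), max_steps=64):
    """Execute `program` with the given faults and return the `ret` value.

    A fault is a tuple (kind, index, reg, bit):
      ("skip", i, None, None): instruction i is fetched but not executed.
      ("flip", i, reg, bit):   bit `bit` of `reg` is flipped just before
                               instruction i executes.
    Returns None if execution runs off the end of the program.
    """
    regs = {"r0": r0, "r1": r1, "r2": 0, "z": 0}
    skips = {index for kind, index, _, _ in faults if kind == "skip"}
    flips = {}
    for kind, index, reg, bit in faults:
        if kind == "flip":
            flips.setdefault(index, []).append((reg, bit))
    pc = 0
    for _ in range(max_steps):
        if pc >= len(program):
            return None
        for reg, bit in flips.get(pc, ()):   # fault model 2: register bit flip
            regs[reg] ^= 1 << bit
        if pc in skips:                      # fault model 1: instruction skip
            pc += 1
            continue
        ins = program[pc]
        if ins[0] == "ldr":
            regs[ins[1]] = ins[2]
        elif ins[0] == "cmp":
            regs["z"] = int(regs[ins[1]] == regs[ins[2]])
        elif ins[0] == "bne" and not regs["z"]:
            pc = ins[1]
            continue
        elif ins[0] == "ret":
            return regs[ins[1]]
        pc += 1
    return None


def single_faults(program, models):
    """Every single fault injection admitted by the requested fault models."""
    out = []
    for i in range(len(program)):
        if "skip" in models:
            out.append(("skip", i, None, None))
        if "flip" in models:
            for reg, width in REG_BITS.items():
                out.extend(("flip", i, reg, bit) for bit in range(width))
    return out


def exhaustive_scan(program, models, order=1, r0=0x3C, r1=0xA5):
    """Try every combination of `order` faults against a wrong digest
    (r0 != r1, constructed values) and return those that make the check accept."""
    assert run(program, r0, r1) == REJECT, "fault-free run must reject"
    assert run(program, r0, r0) == ACCEPT, "fault-free run must accept"
    return [combo for combo in combinations(single_faults(program, models), order)
            if run(program, r0, r1, faults=combo) == ACCEPT]


if __name__ == "__main__":
    for name, prog in (("unprotected", UNPROTECTED), ("duplicated", DUPLICATED)):
        for models, order in (({"skip"}, 1), ({"skip"}, 2), ({"flip"}, 1)):
            hits = exhaustive_scan(prog, models, order)
            print(f"{name:12} {sorted(models)} order={order}: {len(hits)} exploitable")
            for h in hits:
                print("   ", h)
```

Running the scan shows the pattern the abstract warns about in miniature: duplicating the comparison removes every single-skip hit, but a pair of skips (instructions 2 and 4) still reaches the accept path, and under the bit-flip model the result register remains exploitable at every instruction boundary after it is initialised, in both variants. Whether a given countermeasure helps or hurts under a given model is exactly what an exhaustive scan answers, and what reasoning at the source level cannot.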

Updated: 2024-08-22