CoPhyTEE

Addressing Covert & Physical Attacks performed from SW in Open-Hardware Trusted Execution Environment-enabled System-on-Chip

ANR-23-CE39-0003 ANR-23-CE39-0003-01

Today’s System-on-Chip (SoC) include advanced features that allow for dynamic energy-management to better adapt to current computation loads, heat, and required performance and energy constraints. However, an emergent category of attacks has shown that these features can be maliciously exploited to perform internal attacks (i.e., attacks performed by software co-located with sensitive applications on the same hardware), even circumventing Trusted Execution Environments (TEE) security guarantees. Reported attacks include covert channels, Side-Channel Attacks (SCA) and Fault Injection (FI) by exploiting the frequency, voltage, temperature, current, and power supply. Although totally disabling energy-management mechanisms would limit and avoid most vulnerabilities, this would go against the performance and energy optimizations, achieved gains, and might lead to significant overheads. Instead of limiting or disabling these optimization mechanisms, in CoPhyTEE, we propose to benefit from them to built a security governor able to detect at run-time possible vulnerable execution scenarios,

Persons involved in the project

• Dr. Maria Méndez Real, Nantes Université - IETR Lab, Coordinator
• Dr. Jean-Christophe Prévotet, INSA de Rennes - IETR Lab
• Dr. Guillaume Bouffard, ANSSI
• PhD student Owen Le-Gonidec, Nantes Université - IETR Lab

Collaborations

This is within the collaboration with ANSSI. Scientific Advisory Board includes KU Leuven and Radboud University.

Funding

This project is fund by the Franch Agency of Research ANR. It runs from 2023 - 2027.