
CRAFT: Characterizing and Root-Causing Fault Injection Threats at Pre-Silicon

Arsalan Ali Malik, Harshvadan Mihir, Aydin Aysu

TL;DR

The paper tackles fault injection attacks in embedded systems and proposes CRAFT, a framework that bridges pre-silicon analysis with post-silicon validation to uncover, characterize, and root-cause FIA vulnerabilities. Using a RISC-V cv32e40x core, it reveals novel clock-glitch exploits that cause instruction skips and illegal control-flow mid-execution, plus a silent-fault window, and shows a dramatic reduction in post-silicon testing space (97.31%) by guiding hardware experiments from pre-silicon results. It details a seven-step process including fault parameter selection, attack-surface exploration, fault simulation, RAT-based prioritization, targeted instrumentation, root-cause tracing, and cross-stage validation, with case studies on AI/ML workloads (eBNN) and FPGA validation. The findings underscore the value of integrated design-time analysis for secure hardware, offer countermeasure directions (e.g., integrity checks on key pipeline registers), and argue for general applicability to other ISAs and architectures.

Abstract

Fault injection attacks (FIA) pose significant security threats to embedded systems as they exploit weaknesses across multiple layers, including system software, instruction set architecture (ISA), microarchitecture, and physical hardware. Early detection and understanding of how physical faults propagate to system-level behavior are essential to safeguarding cyberinfrastructure. This work introduces CRAFT, a framework that combines pre-silicon analysis with post-silicon validation to systematically uncover and analyze fault injection vulnerabilities. Our study, conducted on a RISC-V soft-core processor (cv32e40x), reveals two novel vulnerabilities. First, we demonstrate a method to induce instruction skips by glitching the clock (single-glitch attack), which prevents critical values from being loaded from memory, thus disrupting program execution. Second, we show a technique that converts a fetched legal instruction into an illegal one mid-execution, diverting control flow in a manner exploitable by attackers. Notably, we identified a specific timing window in which the processor fails to detect these illegal control-flow diversions, allowing silent, undetected corruption of the program state. By simulating 9248 FIA scenarios at pre-silicon and conducting root-cause analysis of the RISC-V pipeline, we trace the faults to a previously unreported vulnerability in a pipeline register shared between the instruction fetch and decode stages. Our approach reduced the search space for post-silicon experiments by 97.31%, showing pre-silicon advantages for post-silicon testing. Finally, we validate our identified exploit cases on real hardware (FPGA).

Paper Structure

This paper contains 32 sections, 7 figures, 2 tables.

Figures (7)

  • Figure 1: CRAFT follows a seven-step process: ① select fault parameters, such as glitch width and glitch offset, based on post-silicon capabilities; ② explore the attack surface by analyzing the target application and identifying instructions of interest; ③ inject faults in pre-silicon (simulation) to identify failing instructions; ④ compile a risk assessment table (RAT) to classify and prioritize critical faults; ⑤ use RAT to execute an attack on post-silicon; ⑥ perform root-cause analysis on failing instructions and update fault parameters to improve accuracy for future iterations, and ⑦ validate pre-silicon attack results against post-silicon outcomes to confirm the vulnerability.
  • Figure 2: Illustration of a 100 MHz clock and a clock with a glitch. The top graph shows the regular clock signal with a stable period of 10 ns, while the bottom graph illustrates a clock glitch, where the positive edge is advanced, resulting in a shortened clock period. This disruption can lead to timing violations and data corruption in digital circuits.
  • Figure 3: RISC-V instruction format depicting the opcode, register fields, function codes, and immediate values, highlighting the utilization of various fields depending on the instruction type, e.g., R-type, I-type. Corruption in different fields of an instruction can lead to distinct behaviors.
  • Figure 4: Visualization of the cv32e40x 4-stage pipeline processor. In the Fetch stage, when the program counter loads the 'and' instruction from memory, a clock glitch disrupts the operation, corrupting the pipeline registers shared between the Fetch and Decode stages, resulting in the misclassification of the legal 'and' instruction as an illegal instruction.
  • Figure 5: The root cause of failure in the cv32e40x processor. A clock glitch disrupts the long combinational logic path, causing the input to the compressed decoder module to be latched prematurely (see ⓐ). This leads to misclassifying legal instructions as illegal in subsequent clock cycles.
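The Figure 3 caption states that corruption in different instruction fields produces distinct behaviors. The following added example (not code from the CRAFT paper or the cv32e40x project) makes that concrete for a legal RV32I word such as the 'and' instruction from Figure 4: it classifies, field by field, which single-bit faults leave the instruction legal with changed operands, turn it into a different legal instruction, or make it illegal. It assumes a small hand-written decoder subset, so "illegal" means "not decodable within that subset".

```python
# Added example, not code from the CRAFT paper: characterize, at the ISA level,
# what a single bit flip in an RV32I instruction word does to its meaning.
# Only a small R-type/I-type subset is decoded; any other encoding is reported
# as illegal, a simplification (the C extension's 16-bit forms are not modelled).
OPCODE_OP, OPCODE_OP_IMM = 0x33, 0x13  # R-type ALU ops, I-type ALU ops
R_FUNCT = {(0x0, 0x00): "add", (0x0, 0x20): "sub", (0x7, 0x00): "and",
           (0x6, 0x00): "or", (0x4, 0x00): "xor"}     # keyed by (funct3, funct7)
I_FUNCT = {0x0: "addi", 0x7: "andi", 0x6: "ori", 0x4: "xori"}  # keyed by funct3
# Bit ranges (inclusive) of the R-type fields shown in Figure 3.
FIELDS = [("opcode", 0, 6), ("rd", 7, 11), ("funct3", 12, 14),
          ("rs1", 15, 19), ("rs2", 20, 24), ("funct7", 25, 31)]

def encode_r(funct7, rs2, rs1, funct3, rd, opcode):
    """Assemble a 32-bit R-type instruction word from its fields."""
    return (funct7 << 25) | (rs2 << 20) | (rs1 << 15) | (funct3 << 12) | (rd << 7) | opcode

def decode(word):
    """Return (mnemonic, rd, rs1, rs2_or_imm), or None if the word is illegal."""
    opcode, rd, funct3 = word & 0x7F, (word >> 7) & 0x1F, (word >> 12) & 0x7
    rs1, rs2, funct7 = (word >> 15) & 0x1F, (word >> 20) & 0x1F, word >> 25
    if opcode == OPCODE_OP:
        name = R_FUNCT.get((funct3, funct7))
        return (name, rd, rs1, rs2) if name else None
    if opcode == OPCODE_OP_IMM:
        imm = word >> 20
        imm = imm - 0x1000 if imm & 0x800 else imm  # sign-extend the 12-bit immediate
        name = I_FUNCT.get(funct3)
        return (name, rd, rs1, imm) if name else None
    return None

def field_of(bit):
    """Name of the R-type field that contains bit position `bit`."""
    return next(name for name, lo, hi in FIELDS if lo <= bit <= hi)

def fault_effect(word, bit):
    """Classify what flipping one bit of a legal instruction word does."""
    original, faulty = decode(word), decode(word ^ (1 << bit))
    if faulty is None:
        return "illegal"  # no legal decoding: a sound core raises an illegal-instruction exception
    if faulty[0] != original[0]:
        return "other instruction (%s)" % faulty[0]
    return "same instruction, different operands"

def characterize(word):
    """Map each field to the set of outcomes a single-bit fault in it can cause."""
    effects = {name: set() for name, _, _ in FIELDS}
    for bit in range(32):
        effects[field_of(bit)].add(fault_effect(word, bit))
    return effects
```

Calling `characterize(encode_r(0x00, 7, 6, 0x7, 5, OPCODE_OP))` for `and x5, x6, x7` (word 0x007372B3) reports that faults in rd, rs1 and rs2 only change operands, every funct7 fault makes the word illegal, and opcode or funct3 faults can either make it illegal or turn it into a different legal instruction (andi, or), which is the kind of per-field risk classification a RAT would prioritize.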