Honest to a Fault: Root-Causing Fault Attacks with Pre-Silicon RISC Pipeline Characterization
Arsalan Ali Malik, Harshvadan Mihir, Aydin Aysu
TL;DR
The paper tackles the vulnerability of embedded AI/ML systems to fault injection by presenting a pre-silicon methodology to analyze clock-glitch faults in a RISC-V pipeline. It introduces a gate-level timing framework calibrated to post-silicon results and uses a RAT-guided workflow to identify vulnerable instructions and pipeline stages, including a novel decode-stage vulnerability. The key contributions are quantifying instruction-level critical paths, revealing how clock glitches can turn legal instructions into illegal ones, and validating findings with post-silicon results. This approach enables early defense design and patching before tape-out, improving resilience of secure cyberinfrastructure against timing-based faults.
Abstract
Fault injection attacks represent a class of threats that can compromise embedded systems across multiple layers of abstraction, such as system software, instruction set architecture (ISA), microarchitecture, and physical implementation. Early detection of these vulnerabilities and understanding their root causes along with their propagation from the physical layer to the system software is critical to secure the cyberinfrastructure. This present presents a comprehensive methodology for conducting controlled fault injection attacks at the pre-silicon level and an analysis of the underlying system for root-causing behavior. As the driving application, we use the clock glitch attacks in AI/ML applications for critical misclassification. Our study aims to characterize and diagnose the impact of faults within the RISC-V instruction set and pipeline stages, while tracing fault propagation from the circuit level to the AI/ML application software. This analysis resulted in discovering a novel vulnerability through controlled clock glitch parameters, specifically targeting the RISC-V decode stage.