EMMap: A Systematic Framework for Spatial EMFI Mapping and Fault Classification on Microcontrollers
Gandham Sai Santhosh, Siddhartha Sanjay Naik, Ritwik Badola, Chester Rebeiro
TL;DR
EMFI lacks a unified methodology for mapping spatial sensitivity and fault outcomes on microcontrollers. It proposes a device-agnostic framework that combines spatial probing, architecture-level observability, and a three-category fault taxonomy. Pilot demonstrations on Xtensa LX6 (ESP32) and ChipWhisperer targets show how spatial position, timing, and EMFI parameter choices shape faults into control-flow, data, or system-level categories. By providing structured guidelines and an extensible workflow, the work enables reproducible EMFI research and more resilient embedded system design.
Abstract
Electromagnetic Fault Injection (EMFI) is a powerful technique for inducing bit flips and instruction-level perturbations on microcontrollers, yet existing literature lacks a unified methodology for systematically mapping spatial sensitivity and classifying resulting fault behaviors. Building on insights from O'Flynn and Kuhnapfel et al., we introduce a platform-agnostic framework for Spatial EMFI Mapping and Fault Classification, aimed at understanding how spatial probe position influences fault outcomes. We present pilot experiments on three representative microcontroller targets including the Xtensa LX6 (ESP32) and two ChipWhisper boards not as definitive evaluations, but as illustrative demonstrations of how the proposed methodology can be applied in practice. These preliminary observations motivate a generalized and reproducible workflow that researchers can adopt when analyzing EMFI susceptibility across diverse embedded architectures.