Recruiting Fault Tolerance Techniques for Microprocessor Security

The growing threat of various attacks on modern microprocessors and systems calls for major design overhauls ranging from plugging micro-architectural side channels such as due to speculative execution to implementing cryptographic accelerators for side-channel and fault attack resistance. In this paper, we suggest to focus on the similarities and the differences between fault tolerance techniques and countermeasures against attacks on security sensitive systems. Modern digital circuits and systems use a diverse set of techniques to ensure operational correctness in the presence of faults. From a security perspective, the goal is to ensure a set of stated security properties hold in the presence of 'security faults' (extending the notion of conventional faults to include injected faults as well as vulnerabilities such as passive side-channels). A point of note here is that under some security faults, the operational correctness may not be compromised. This paper advocates the re-purposing of some of the known fault tolerance techniques, and show how those can be useful for enhancing security in the presence of active side-channel attacks. As a simple illustration of these ideas, we present an experimental case study in fortifying a cryptographic sub-component of a RISC-V based secure system-on-chip, against a formidable fault attack called SIFA.