The Price of Faults

White paper

Hardware fault attacks can break software security by revealing secrets during program execution or by changing the behavior of a program. Without profound knowledge of these attacks, it is hard to defend code effectively. Traditional secure programming methods focus mostly on input validation and output control, but fault resistance requires pervasive protection throughout the code.

This paper explains the background and risk of fault injection and proposes using secure programming patterns for security-critical devices. We show that repairing unprotected products suffering from fault injection vulnerabilities is not affordable. It is much better to use fault mitigation patterns, which help developers lower the risk of fault injection in a cost-effective way.