Lazart: A Symbolic Approach for Evaluation the Robustness of Secured Codes against Control Flow Injections

Marie-Laure Potet, Laurent Mounier, Maxime Puys, Louis Dureuil
2014 2014 IEEE Seventh International Conference on Software Testing, Verification and Validation  
1 In the domain of smart cards, secured devices must be protected against high level attack potential [1] . According to norms such as the Common Criteria [2], the vulnerability analysis must cover the current state-of-the-art in term of attacks. Nowadays, a very classical type of attack is fault injection, conducted by means of laser based techniques. We propose a global approach, called Lazart, to evaluate code robustness against fault injections targeting control flow modifications. The
more » ... nality of Lazart is twofolds. First, we encompass the evaluation process as a whole: starting from a fault model, we produce (or establish the absence of) attacks, taking into consideration software countermeasures. Furthermore, according to the near state-of-the-art, our methodology takes into account multiple transient fault injections and their combinatory. The proposed approach is supported by an effective tool suite based on the LLVM format [3] and the KLEE symbolic test generator [4] .
doi:10.1109/icst.2014.34 dblp:conf/icst/PotetMPD14 fatcat:gbzjezyqafbhpnbpqqjvk5o3u4