Voltage Fault Injection (VFI), also known as power glitching, has proven to be a severe threat real-world systems. In VFI attacks, the adversary disturbs power-supply of target-device forcing device illegitimate behavior. Various countermeasures have been proposed address different types fault injection attacks at abstraction layers, either requiring modify underlying hardware or software/firmware machine instruction level. Moreover, only recently, individual chip manufacturers started respond this by integrating in their products. Generally, these aim protecting against single (SFI) since Multiple (MFI) is believed challenging and sometimes even impractical. paper, we present {\mu}-Glitch, first (VFI) platform which capable injecting multiple, coordinated voltage faults into target device, trigger signal. We provide novel flow for (MVFI) significantly reduce search complexity parameters, space increases exponentially with each additional injection. evaluate showcase effectiveness practicality our attack on four chips, featuring TrustZone-M: The two interdependent backchecking mechanisms, while second additionally integrated Our evaluation revealed that {\mu}-Glitch can successfully inject consecutive within an average time one day. Finally, discuss potential mitigate propose scenarios MVFI.

Load

Load