The protection of software systems against physical faults or attacks is increasingly important. Yet application developers still mostly rely on hand-written software countermeasures to add protection to their code, and on manual inspection of the final binary code to qualify the level of protection of their software. We have developed at STMicroelectronics a set of tools to automate these tedious and error-prone tasks. The first tool is an extension to the LLVM compiler, namely SecSwift, that automates the generation of software countermeasures into a binary. The second tool is a set of scripts that drive an execution platform through a debugger to perform fault injection during the execution of an application, in order to qualify the level of protection of a piece of software.
Starting from these components, the main objectives of this thesis are:
- Explore the usage of a symbolic execution tool to perform more systematic or more intelligent fault injections.
- Analyze and improve the efficiency of the software countermeasures implemented by the SecSwift module.
The use of binary analysis tools providing a range of possibilities, from standard control/data-flow analysis to symbolic execution, will bring several advantages compared to our current solution based on GDB and Python. An important goal of this work is to produce a tool that can assess the level of safety or reliability of a given application. Evaluation on a real user application is thus a major objective of this thesis. This means that the proposed solution should be carefully designed and implemented so that it can overcome the scalability limitations of currently available solutions. The challenge will be to provide hybrid solutions combining traditional program analysis with logic-based solvers, or to integrate controllable over-approximations.
Software countermeasure analysis
The SecSwift LLVM module implements control-flow, data-flow and memory protections through the automatic generation of software countermeasures, to reinforce the safety and reliability of the software against faults. In order to improve the efficiency and reliability of certain countermeasures, dedicated hardware support will be proposed and implemented in a global strategy where risk mitigation relies on both software and hardware. Here again, we will focus on real applications and realistic attack scenarios. In this context, the behavior of the currently implemented protections will be analyzed, and improvements using state-of-the-art techniques will be implemented.
In addition, it would be very useful to assess whether the optimizations made in the fault injection qualification tool are effective at reducing qualification time when the code is protected by software countermeasures, and how the fault analysis and protection problems are related.
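As an added illustration (not SecSwift's own code or output), the following C example shows the kind of control-flow and data-flow countermeasure described above beside its unprotected form, together with a minimal fault-injection campaign of the sort the qualification tool automates. The fault model (a single skipped step, selected through a constructed global instead of a debugger), the step numbering and the inputs are assumptions made for this example.

```c
#include <stdint.h>
#include <string.h>

/* Constructed fault model: one "instruction skip" bypassing a single numbered
 * step of the function under test (a debugger campaign would jump over the
 * instruction; here a global selects the skipped step, -1 = no fault). */
static int g_skip_step = -1;
#define STEP(n) if (g_skip_step != (n))

/* Status codes; the protected version keeps each as value + bitwise complement. */
enum { OK = 0x5A5A, DENIED = 0x3C3C, FAULT_DETECTED = 0xFFFF };
/* Unprotected: skipping the compare leaves diff == 0, so OK is granted. */
uint16_t check_unprotected(const uint8_t *a, const uint8_t *b, size_t n) {
    uint16_t status = DENIED;
    int diff = 0;
    STEP(1) { diff = memcmp(a, b, n); }
    STEP(2) { if (diff == 0) status = OK; }
    return status;
}

/* Protected: duplicated compare, complement-coded status, and a control-flow
 * counter recording every step so a skipped step fails the final check. */
uint16_t check_protected(const uint8_t *a, const uint8_t *b, size_t n) {
    volatile uint32_t cfc = 0;                 /* control-flow counter */
    volatile uint16_t status = DENIED, status_c = (uint16_t)~DENIED;
    int diff1 = 1, diff2 = 1;                  /* fail-safe default: mismatch */
    STEP(1) { diff1 = memcmp(a, b, n); cfc += 1; }
    STEP(2) { diff2 = memcmp(a, b, n); cfc += 2; }
    STEP(3) { if (diff1 == 0 && diff2 == 0) { status = OK; status_c = (uint16_t)~OK; }
              cfc += 4; }
    /* Every step must have run (1+2+4) and both status copies must agree. */
    if (cfc != 7 || (uint16_t)(status ^ status_c) != 0xFFFF) return FAULT_DETECTED;
    return status;
}

static const uint8_t GOOD[4] = {1, 2, 3, 4};   /* constructed reference value */
static const uint8_t BAD[4]  = {1, 2, 3, 9};   /* constructed mismatching input */
/* Minimal qualification campaign: skip each step in turn on the mismatching
 * input and count runs where OK was granted without detection. */
typedef uint16_t (*check_fn)(const uint8_t *, const uint8_t *, size_t);
int campaign_undetected(check_fn f, int steps) {
    int undetected = 0;
    for (int s = 1; s <= steps; s++) {
        g_skip_step = s;
        if (f(BAD, GOOD, 4) == OK) undetected++;
    }
    g_skip_step = -1;
    return undetected;
}
```

The unprotected variant reports one undetected wrong result over its two steps, while the protected variant reports none over its three; note that the final check is itself a fault target, which is why generated countermeasures typically redundantly check the counter as well.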
You already have some experience with compilation and simulation techniques in the cyber security domain. You have good knowledge of C/C++ and of scripting languages such as Python. You are familiar with Linux and with a configuration management system such as Git.
Europe, France, Grenoble
Education level required: Master degree
Experience level required: Less than 2 years
Languages: English (Business fluent)