Cambridge, UK, 10/24/2024 – Over the last decade there has been a significant rise in the frequency and severity of side-channel attacks (SCAs). This Agile Analog blog post outlines some examples of applications that could be impacted by voltage side-channel attacks and explains how agileVGLITCH, our voltage glitch detection solution, can help offer protection.
Voltage side-channel attacks
Voltage side-channel attacks involve unscrupulous individuals attempting to break into electronic systems by using glitching techniques. A successful SCA can expose sensitive data and place the SoC (System on Chip) at risk.
The Agile Analog team has developed a voltage glitch detector that can be integrated into a SoC design to determine when such an attack is occurring and to enable counter-measures. This customizable IP block, along with Agile Analog's temperature glitch detector IP and clock attack monitor IP work together to check vital parameters like voltage, temperature and clock. Changes, such as supply voltage fluctuations or power supply manipulation, might signal an attack on the chip. In this situation a digital alarm will alert the SoC's processor.
Example applications
Here are a few examples of applications that could be vulnerable to voltage side-channel attacks.
IoT security system: Using a voltage glitching device the debug mode of an IoT security system can be accessed during a SCA, which then allows all the data associated with the authorized keys to be read, enabling someone to enter the property unrecorded. With agileVGLITCH embedded this detects the voltage glitch incident, informing the system about this unusual activity, as well as providing a time and date that can help to identify the offender.
Security camera: It’s possible that hackers could intercept a security camera before purchase, updating the firmware so it redirects the video recordings to them. This type of SCA means a hacker can reflash unauthorized firmware without going through the standard boot-signing process, resetting the security key to a known value. The agileVGLITCH solution can foil this attempt, stopping unauthorized programmes from being added to the system.
Satellite TV receiver: Removing Digital Rights Management (DRM) from films broadcast over a satellite channel can be achieved by installing a voltage glitcher on a HDMI controller supply to a satellite receiver with a valid subscription. A hacker is able to reset the HDMI output to be non-HDCP validated, allowing decrypted HD content to be sent to a non-secure device. This then re-encodes the content without protection. A voltage glitch detector like agileVGLITCH can discover the voltage glitching and prevent this from happening.
agileVGLITCH
There are four key components of the agileVGLITCH solution:
Bandgap: This is set to operate over a wide voltage range to ensure extensive glitch monitoring and a precise voltage reference. There is a bootstrap circuit for reliable turn-on during start-up and an option for production trimming for enhanced levels of accuracy.
Programmable comparators: There are two programmable comparators to identify over-voltage and under-voltage glitches. The thresholds are configurable for glitch detection and the level-shifters are incorporated to allow the IOs to be driven from the core supply.
Reference selectors: These provide configurable input voltages to the programmable comparators, so it is possible for the glitch side to be adjusted. The thresholds can also be changed, for example, in the case of Dynamic Voltage and Frequency Scaling (DVFS).
Logic: This follows each comparator and provides control of enables based on the digital inputs, latching momentary events on the output of comparators, disabling outputs during testing, as well as 3-way majority voting on the latched outputs.
Optional ADC: There is also the option to include a SAR ADC (Analog-to-Digital Converter) in order to measure the supply value. This can be used for monitoring of the device for issues such as performance degradation.
Be prepared
Unfortunately it’s likely that side-channel attacks will continue to be an ongoing problem. Therefore, it is important for organizations to be prepared and to implement counter-measures. The combination of Agile Analog's security IP solutions embedded inside an electronic device can help to provide protection from a variety of different vulnerabilities and threats.