International audienceFault attacks are a major threat requiring to protect applications. We present a method and a set of metrics, implemented in a framework combining formal methods, dynamic and static analyses to evaluate the robustness of a binary code against fault attacks. The framework models the vulnerabilities detection as formal equivalence-checking problems that are solved by a SMT solver. It can support transient fault models targeting both data and code. Its application to programs hardened at source level shows its benefits for comparing different hardened versions, compilers and their optimizations, and for analyzing the sources of vulnerability
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
Les systèmes embarqués traitent et manipulent de plus en plus de données sensibles. La sécurité de c...
This paper presents a formal verification framework and tool that evaluates the robustness of softwa...
This article presents the method for purposeful detection of vulnerabilities depending on input data...
Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level,...
Cryptographic implementations are often vulnerable against physical attacks, fault injection analysi...
International audienceFault injection has increasingly been used both to attack software application...
International audienceThis paper presents a method for exploitable vulnerabilities detection in bina...
Vulnerability diagnosis is important for program security analysis. It is a further step to understa...
Fault injection has increasingly been used both to attack software applications, and to test system ...
Recently fault injection has increasingly been used both to attack software applications, and to tes...
Currently, software organizations face critical issues associated with computer security, considerin...
International audienceRecently fault injection has increasingly been used both to attack software ap...
Currently, software organizations face critical issues associated with computer security, considerin...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
Les systèmes embarqués traitent et manipulent de plus en plus de données sensibles. La sécurité de c...
This paper presents a formal verification framework and tool that evaluates the robustness of softwa...
This article presents the method for purposeful detection of vulnerabilities depending on input data...
Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level,...
Cryptographic implementations are often vulnerable against physical attacks, fault injection analysi...
International audienceFault injection has increasingly been used both to attack software application...
International audienceThis paper presents a method for exploitable vulnerabilities detection in bina...
Vulnerability diagnosis is important for program security analysis. It is a further step to understa...
Fault injection has increasingly been used both to attack software applications, and to test system ...
Recently fault injection has increasingly been used both to attack software applications, and to tes...
Currently, software organizations face critical issues associated with computer security, considerin...
International audienceRecently fault injection has increasingly been used both to attack software ap...
Currently, software organizations face critical issues associated with computer security, considerin...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
Les systèmes embarqués traitent et manipulent de plus en plus de données sensibles. La sécurité de c...
This paper presents a formal verification framework and tool that evaluates the robustness of softwa...