International audienceCertification through auditing allows to ensure that critical embedded systems are secure. This entails reviewing their critical components and checking for dangerous execution paths. This latter task requires the use of specialized tools which allow to explore and replay executions but are also difficult to use effectively within the context of the audit, where time and knowledge of the code are limited. Fault analysis is especially tricky as the attacker may actively influence execution, rendering some common methods unusable and increasing the number of possible execution paths exponentially. In this work, we present a new method which mitigates these issues by reducing the number of fault injection points considere...
Semi-invasive fault injection attacks are powerful techniques well-known by attackers and secure emb...
Over the past 20 years, our society has become increasingly dependent on software. Today, we rely on...
Fault injection has increasingly been used both to attack software applications, and to test system ...
International audienceMany program analysis tools and techniques have been developed to assess progr...
Many program analysis tools and techniques have been developed to assess program vulnerability. Yet,...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program ...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
We present a platform for software security testing primarily designed to support human testers in d...
International audienceMulti-fault injection attacks are powerful since they allow to bypass software...
We present a platform for software security testing primarily designed to support human testers in d...
International audienceFault injection is a well known method to test the robustness and security vul...
International audience<p>Fault injection attack is an extremely pow-erful technique to extract secre...
International audienceFault injection has increasingly been used both to attack software application...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
Semi-invasive fault injection attacks are powerful techniques well-known by attackers and secure emb...
Over the past 20 years, our society has become increasingly dependent on software. Today, we rely on...
Fault injection has increasingly been used both to attack software applications, and to test system ...
International audienceMany program analysis tools and techniques have been developed to assess progr...
Many program analysis tools and techniques have been developed to assess program vulnerability. Yet,...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program ...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
We present a platform for software security testing primarily designed to support human testers in d...
International audienceMulti-fault injection attacks are powerful since they allow to bypass software...
We present a platform for software security testing primarily designed to support human testers in d...
International audienceFault injection is a well known method to test the robustness and security vul...
International audience<p>Fault injection attack is an extremely pow-erful technique to extract secre...
International audienceFault injection has increasingly been used both to attack software application...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
Semi-invasive fault injection attacks are powerful techniques well-known by attackers and secure emb...
Over the past 20 years, our society has become increasingly dependent on software. Today, we rely on...
Fault injection has increasingly been used both to attack software applications, and to test system ...