From 190bebff6b0ce5686a4899365bc0beac1338c291 Mon Sep 17 00:00:00 2001 From: Pascal Nasahl Date: Mon, 17 Jun 2024 09:13:08 +0200 Subject: [PATCH] [fi] Add hardened check test This commit adds the command handler for the fi.ibex.char.hardened_check_eq_unimps test. Signed-off-by: Pascal Nasahl --- ...x.char.hardened_check_eq_unimps.cw310.yaml | 45 +++++++++++++++++++ target/communication/fi_ibex_commands.py | 9 ++++ 2 files changed, 54 insertions(+) create mode 100644 fault_injection/configs/pen.global_fi.ibex.char.hardened_check_eq_unimps.cw310.yaml diff --git a/fault_injection/configs/pen.global_fi.ibex.char.hardened_check_eq_unimps.cw310.yaml b/fault_injection/configs/pen.global_fi.ibex.char.hardened_check_eq_unimps.cw310.yaml new file mode 100644 index 00000000..4ec23bbd --- /dev/null +++ b/fault_injection/configs/pen.global_fi.ibex.char.hardened_check_eq_unimps.cw310.yaml @@ -0,0 +1,45 @@ +target: + target_type: cw310 + fpga_bitstream: "../objs/lowrisc_systems_chip_earlgrey_cw310_0.1.bit" + force_program_bitstream: False + fw_bin: "../objs/sca_ujson_fpga_cw310.bin" + output_len_bytes: 16 + target_clk_mult: 0.24 + target_freq: 24000000 + baudrate: 115200 + protocol: "ujson" + port: "/dev/ttyACM1" +fisetup: + fi_gear: "husky" + fi_type: "voltage_glitch" + # Voltage glitch width in cycles. + glitch_width_min: 5 + glitch_width_max: 150 + glitch_width_step: 3 + # Range for trigger delay in cycles. + trigger_delay_min: 0 + trigger_delay_max: 500 + trigger_step: 10 + # Number of iterations for the parameter sweep. + num_iterations: 10000 +fiproject: + # Project database type and memory threshold. + project_db: "ot_fi_project" + project_mem_threshold: 10000 + # Store FI plot. + show_plot: True + num_plots: 100 + plot_x_axis: "trigger_delay" + plot_x_axis_legend: "[cycles]" + plot_y_axis: "glitch_width" + plot_y_axis_legend: "[cycles]" +test: + which_test: "ibex_char_hardened_check_eq_unimps" + # For this test, the expected result is actually a crash of the system. On + # a successful FI attack, this could be one result: + expected_result: '{"result1":0,"result2":1,"err_status":0,"alerts":0}' + # Set to true if the test should ignore alerts returned by the test. As the + # alert handler on the device could sometime fire alerts that are not + # related to the FI, ignoring is by default set to true. A manual analysis + # still can be performed as the alerts are stored in the database. + ignore_alerts: True diff --git a/target/communication/fi_ibex_commands.py b/target/communication/fi_ibex_commands.py index 8785bae0..d9bc38f0 100644 --- a/target/communication/fi_ibex_commands.py +++ b/target/communication/fi_ibex_commands.py @@ -268,6 +268,15 @@ def ibex_address_translation(self) -> None: time.sleep(0.01) self.target.write(json.dumps("AddressTranslation").encode("ascii")) + def ibex_char_hardened_check_eq_unimps(self) -> None: + """ Starts the ibex.fi.char.hardened_check_eq_unimps test. + """ + # IbexFi command. + self._ujson_ibex_fi_cmd() + # CharHardenedCheck command. + time.sleep(0.01) + self.target.write(json.dumps("CharHardenedCheck").encode("ascii")) + def read_response(self, max_tries: Optional[int] = 1) -> str: """ Read response from Ibex FI framework. Args: