JTAG Fault Injection Attack
Abstract
Fault injection attacks are widespread in the domain of smart cards and microcontrollers but have not yet been democratized on complex embedded microprocessors such as systems-on-chip (SoC) that can be found in smartphones, tablets and automotive systems. The main explanation is the difficulty involved in injecting a fault at the right place and at the right time to make these attacks effective on such devices. However, for development and debugging, these devices provide new tools that could be considered as possibly enabling attacks. One such tool, the JTAG debug tool, is present on most electronic devices today. In this paper, we present the first fault injection attack based on JTAG. Using the example of a privilege escalation attack, we detail how this tool can be used either to check the feasibility of this attack by fault injection or to perform an actual attack.