Hardware Specification Aware Timing Side Channel Security Analysis

Published: 2023

Author(s):

Prabhuddha Chakraborty
Tasneem Suha
Swarup Bhunia

Publication Name: IEEE Xplore

Publication URL: https://doi.org/10.1109/SOCC58585.2023.10256749

Research Area:

Industry 4.0

Keywords:

code repair, Couplings, Engineering, hardware, maintenance, Side-channel attacks, Smart cities, software, Threat modeling, timing side channel analysis

Abstract:

Most software programs in modern Internet-of-Things (IoT) systems in diverse domains such as healthcare, smart cities, banking, and industrial automation deal with secret data/assets. Timing side-channel analysis is a potent attack vector against such modern systems and it involves measuring the execution time of a program towards leaking secret assets, stealing intellectual property, and identifying other vulnerabilities in the system. Timing side-channel analysis typically targets branches and program behaviours that are dependent on the value of a secret variable or asset. The traditional approach towards mitigating this security concern involves performing a software-level analysis followed by branch balancing and/or constant time programming. However, a pure software-level analysis and repair might not be ideal at the current time due to the tighter coupling of hardware-software components in IoT systems. Hence, we believe, a more hardware-aware software timing analysis and repair might be necessary towards tackling this evolving area. In this article, we highlight how a purely software-level analysis and repair might be problematic, analyze the current research trend in timing side-channel analysis, and propose a potential pathway for future research.