TVVF: Estimating the vulnerability of hardware cryptosystems against timing violation attacks

Secure hardware designers require a method to evaluate the vulnerability of their systems against fault attacks to make proper security/cost trade-offs. To our knowledge, no systematic approach has been proposed for this purpose. This paper introduces Timing Violation Vulnerability Factor (TVVF), which evaluates the vulnerability of a hardware structure to setup time violation attacks. TVVF, a probablistic metric computed on a circuit´s netlist, is comprised of two factors: First, the probability of injecting a specific fault in the hardware structure, and second, the probability of propagating this fault to the output of the structure. TVVF aims at evaluating the security of designs against intentional faults caused by an adversary. In contrast, existing vulnerability metrics such as the Architecture Vulnerability Factor (AVF), evaluate the system reliability against random uncontrolled faults. To show the applicability of our metric, we compute the TVVF for two fault attacks on two AES netlists, which are generated for an FPGA.