Cybersecurity Lecture Series with Patrick Schaumont

Event Details
  • Date/Time:
    • Friday October 28, 2016
      12:00 pm - 1:00 pm
  • Location: Pettit Microelectronics Research Building, MIRC Room 102, 791 Atlantic Drive NW, Atlanta, GA
  • Phone:
  • URL:
  • Email:
  • Fee(s):
    N/A
  • Extras:
Contact

Tara La Bouff, tara.labouff@iisp.gatech.edu, 404.769.5408

Summaries

Summary Sentence: Patrick Schaumont from Virginia Tech delivers a guest lecture titled "Fault Injection as an Attack Vector Against Trustworthy Embedded Systems."

Full Summary: No summary paragraph submitted.

Media
  • Cybersecurity Lecture Series Cybersecurity Lecture Series
    (image/jpeg)
  • Jackson National Life Insurance Company Jackson National Life Insurance Company
    (image/jpeg)

Meet academic and industry leaders for intimate discussions about new cyber threats, trends and technologies. 

The weekly Cybersecurity Lecture Series is a free, open-to-the-public lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from private companies, government agencies, start-up incubators as well as Georgia Tech faculty and students presenting their research.

Held weekly each Friday at Noon through Dec. 2, lectures are open to all -- students, faculty, industry, government, or simply the curious. Students may register for credit under seminar course CS-8001-INF.

Complimentary lunch provided for registered guests. Please bring your own beverage.

Sign up to receive future lecture announcements.

 

Featuring Patrick Schaumont on Oct. 28

"Fault injection as an attack vector against trustworthy embedded systems"

 

ABSTRACT   |   In the Internet of Things, the cyber-world will use a huge number of small embedded computing elements to control and sense the real world. The integrity and trustworthiness of these embedded systems is crucial; their manipulation has direct consequences to the safety of the applications they support.

In this presentation we discuss the threat vector of implementation attacks on these embedded systems. We assume an adversary who can disturb the operation of such embedded systems by means of fault injection: the deliberate insertion of a computation error or memory error. This attack vector is realistic in cases when the embedded computing elements are subject to physical manipulation by an adversary. Fault injection can be achieved by pushing the embedded system outside of its nominal operating limits, which can be achieved by many different techniques.

We review the principles of fault injection, and highlight its  use as a versatile hacking tool to obtain device control and to extract secret data. The traditional technique, differential fault analysis, dates back almost two decades, and many very effective variants have since been proposed. Most recently, biased-fault attacks have been developed which are able to use fault-response behavior as a side-channel signal. We review these biased fault attacks and explain why they are a threat to contemporary embedded designs. Finally, we show that biased-fault attacks apply equally well to software. We conclude that a fault attack can be engineered by an adversary to obtain a precise result.

 

BIO   |   Patrick Schaumont is a professor in Computer Engineering at Virginia Tech. He received the Ph.D. degree in Electrical Engineering from UCLA in 2004, and the M.S. degree in Computer Science from Ghent University in 1990. From 2012 to 2014 he served as director for the Center for Embedded Systems for Critical Applications (CESCA) at Virginia Tech. His research interests are in design and design methods of secure, efficient and real-time embedded computing systems. He served as program co-chair for several conferences in this field, including CHES, HOST, WESS and RFIDsec. He received the National Science Foundation CAREER Award in 2007. He was named Outstanding New Assistant Professor in 2007, received the Dean's Award for Excellence in Teaching in 2012, and was named Dean's Faculty Fellow in 2013.

 

Supported by Jackson National Life Insurance Company

Additional Information

In Campus Calendar
Yes
Groups

College of Computing, College of Computing Events, Institute for Information Security and Privacy, School of Computational Science and Engineering, School of Computer Science, School of Interactive Computing

Invited Audience
Faculty/Staff, Public, Undergraduate students, Graduate students
Categories
Seminar/Lecture/Colloquium
Keywords
Cybersecurity
Status
  • Created By: Tara La Bouff
  • Workflow Status: Published
  • Created On: Oct 27, 2016 - 11:44am
  • Last Updated: Apr 13, 2017 - 5:14pm