Fault injection attack has been a serious threat to security-critical embedded systems for a long time, yet existing research ignores addressing of the problem from a system-level perspective. This article presents an approach to the synthesis of secure real-time applications mapped on distributed embedded systems, which focuses on preventing fault injection attacks of the security protection on processing units. We utilize symmetric cryptographic service to protect confidentiality and deploy fault detection within a confidential algorithm to resist fault injection attacks. Several fault detection schemes are identified, and their fault coverage rates and time overheads are derived and measured. Our synthesis approach makes efforts to determine the best fault detection schemes for the encryption/decryption of messages such that the overall security strength of detecting a fault injection attack is maximized and the deadline constraint of the realtime applications is guaranteed. Due to the complexity of the problem, we propose an efficient algorithm based on the fruit fly optimization algorithm, and we compare it to the simulated annealing approach. Extensive experiments and a real-life application evaluation demonstrate the superiority of our approach.

• 出版日期2017-3
• 单位电子科技大学