Note:

Abstract: Physical attacks are performed against embedded systems which generally aim at getting valuable data, bypassing a protection or doing reverse-engineering. Such embedded devices and in particular smart cards are targeted. In this project, the effects of modern compiler optimisations on the software countermeasures and the balance between Security requirements and the aggressive optimisations required to meet high code size and performance requirements have been discussed. <br /> A smart-card operating system like Java Card provides a layer of security to interpreted applets. This system is hardened against physical attacks like side channel analysis and perturbation attacks using a combination of Hardware and Software countermeasures. The embedded system security must hold against intentional hardware failures that can result in software failures. With a malicious intent, an attacker can exploit these vulnerabilities to find sensitive data or bypass security features embedded within the code. <br /> The experimental results show that the injected faults were due to the corruption of the bus transfers between memory and the processors pipeline. Such faults enable to perform instruction skips, corrupt some data transfers or replace certain instructions. Therefore, to ensure integrity the software countermeasures involves the inclusion of redundant checks on fault sensitive variables and codes. <br /> However, careful study of Assembly code shows that this countermeasure is non functional or omitted out when Compiler optimizations are switched ON, this situation arises when the compiler optimizations preserve the functionality of the code but violates a security guarantee. Although, we can get around these situations by the use of keyword Volatile for doing DOUBLE READS, it is not always desirable to declare a variable volatile when it is not always necessary for the variable to be fetched from the memory for every operation performed on it within a function, which has serious effects on code size and performance. <br /> In conclusion, although, we propose a series of Tips and Tricks to work around these peculiar cases where there is an instruction skip or a read of a corrupted variable due to fault injection and its adverse effects due to Compiler Optimizations on Software countermeasures that prevent these vulnerabilities, we conclude that there is no well defined solution for this problem and hence, there is a need to introduce certain functionality at the Compiler level to add security features that can enable developers to mark certain security sensitive code to be excluded from optimizations by the compiler.