A Systematic Review of Fault Injection Attacks on IoT Systems

Abstract

The field of the Internet of Things (IoT) is growing at a breakneck pace and its applications are becoming increasingly sophisticated with time. Fault injection attacks on IoT systems are aimed at altering software behavior by introducing faults into the hardware devices of the system. Attackers introduce glitches into hardware components, such as the clock generator, microcontroller, and voltage source, which can affect software functioning, causing it to misbehave. The methods proposed in the literature to handle fault injection attacks on IoT systems vary from hardware-based attack detection using system-level properties to analyzing the IoT software for vulnerabilities against fault injection attacks. This paper provides a systematic review of the various techniques proposed in the literature to counter fault injection attacks at both the system level and the software level to identify their limitations and propose solutions to address them. Hybrid attack detection methods at the software level are proposed to enhance the security of IoT systems against fault injection attacks. Solutions to the identified limitations are suggested using machine learning, dynamic code instrumentation tools, hardware emulation platforms, and concepts from the software testing domain. Future research possibilities, such as the use of software fault injection tools and supervised machine learning for attack detection at the software level, are investigated.