Concurrent Error Research Articles

Security analysis of concurrent error detection against differential fault analysis

Differential fault analysis (DFA) poses a significant threat to advanced encryption standard (AES). Only a single faulty ciphertext is required to extract the secret key. Concurrent error detection (CED) is widely used to protect AES against DFA. Traditionally, these CEDs are evaluated with uniformly distributed faults, the resulting fault coverage indicates the security of CEDs against DFA. However, DFA-exploitable faults, which are a small subspace of the entire fault space, are not uniformly distributed. Therefore, fault coverage does not accurately measure the security of the CEDs against DFA. We provide a systematic study of DFA of AES and show that an attacker can inject biased faults to improve the success rate of the attacks. We propose fault entropy (FE) and fault differential entropy (FDE) to evaluate CEDs. We show that most CEDs with high fault coverage are not secure when evaluated with FE and FDE. This work challenges the traditional use of fault coverage for uniformly distributed faults as a metric for evaluating the security of CEDs against DFA.

A survey of race bug detection techniques for multithreaded programmes

SummaryAs multithreaded programmes become popular to fully utilize multicore CPUs, many race bug detection techniques have been developed to find concurrency errors in multithreaded programmes effectively. Because these techniques have different views on target programme execution and detect race bugs of various types, it is difficult to characterize, compare and improve race bug detection techniques. This paper presents a formal execution model, which can uniformly represent various views of race bug detection techniques on target programme execution. Then, this paper classifies 43 race bug detection techniques according to their target race bugs. We classify race bugs on whether or not a bug violates operation block specification and/or data association specification. This survey provides researchers with a clear top‐down view of various race bug detection techniques. In addition, the concrete examples of various race bugs in this survey can help field engineers avoid race bugs in their multithreaded programmes. Copyright © 2014 John Wiley & Sons, Ltd.

Low-Cost Concurrent Error Detection for GCM and CCM

In many applications, encryption alone does not provide enough security. To enhance security, dedicated authenticated encryption (AE) mode are invented. Galios Counter Mode (GCM) and Counter with CBC-MAC mode (CCM) are the AE modes recommended by the National Institute of Standards and Technology. To support high data rates, AE modes are usually implemented in hardware. However, natural faults reduce its reliability and may undermine both its encryption and authentication capability. We present a low-cost concurrent error detection (CED) scheme for 7 AE architectures. The proposed technique explores idle cycles of the AE mode architectures. Experimental results shows that the performance overhead can be lower than 100 % for all architectures depending on the workload. FPGA implementation results show that the hardware overhead in the 0.1–23.3 % range and the power overhead is in the 0.2–23.2 % range. ASIC implementation results show that the hardware overhead in the 0.1–22.8 % range and the power overhead is in the 0.3–12.6 % range. The underlying block cipher and hash module need not have CED built in. Thus, it allows system designers to integrate block cipher and hash function intellectual property from different vendors.

English

An Error Correction code with Parity check matrix is implemented which is other type of the One Step Majority Logic Decodable (OS-MLD) called as Orthogonal Latin Squares (OLS) codes. It is a concurrent error detection technique for OLS codes encoders and syndrome computation because of the fact that when ECCs are used, the encoder and decoder circuits can also suffer errors.These OLS codes are used to correct the memories and caches. This can be achieved due to their modularity such that the error correction capabilities can be easily adapted to the error rate or to the mode of the operation.OLS codes typically require more parity bits than other codes to correct the same number of errors. However, due to their modularity and the simple low delay decoding implementation these are widely used in Error Correction. All the errors that affect a single circuit node are detected by the parity prediction scheme. The area and latency values are monitored.

State of the Art Realistic Cryptographic Approaches for RC4 Symmetric Stream Cipher

In this paper we present low -cost, concurrent checking methods for multiple error detection in S -boxes of symmetric block ciphers. These are redundancy-based fault detection schemes. We describe some studies of parity based concurrent error detection in S -boxes. Probability of multiple error detection is analyzed for random data. In this work 48-input, 32-output substitution blocks are taken into consideration.

On codes with summation of data bits in concurrent error detection systems

We consider a complete set of codes with unit bits summation used to organize combinational logic in logical devices. We propose new modified codes and establish their data bits errors detection properties. We also give a classification of codes.

Efficient and Concurrent Reliable Realization of the Secure Cryptographic SHA-3 Algorithm

The secure hash algorithm (SHA)-3 has been selected in 2012 and will be used to provide security to any application which requires hashing, pseudo-random number generation, and integrity checking. This algorithm has been selected based on various benchmarks such as security, performance, and complexity. In this paper, in order to provide reliable architectures for this algorithm, an efficient concurrent error detection scheme for the selected SHA-3 algorithm, i.e., Keccak, is proposed. To the best of our knowledge, effective countermeasures for potential reliability issues in the hardware implementations of this algorithm have not been presented to date. In proposing the error detection approach, our aim is to have acceptable complexity and performance overheads while maintaining high error coverage. In this regard, we present a low-complexity recomputing with rotated operands-based scheme which is a step-forward toward reducing the hardware overhead of the proposed error detection approach. Moreover, we perform injection-based fault simulations and show that the error coverage of close to 100% is derived. Furthermore, we have designed the proposed scheme and through ASIC analysis, it is shown that acceptable complexity and performance overheads are reached. By utilizing the proposed high-performance concurrent error detection scheme, more reliable and robust hardware implementations for the newly-standardized SHA-3 are realized.

Fault Tolerant Techniques for Finite Field Multipliers

The use of finite field multipliers in the critical applications like elliptic curve cryptography needs Concurrent Error Detection (CED) and correction at architectural level to provide high reliability. This paper discusses fault tolerant technique for polynomial representation based finite field multipliers. The detection and correction are done on-line. We use a combination of Double Modular Redundancy (DMR) and Concurrent Error Detection (CED) techniques. The fault tolerant finite field multiplier is coded in VHDL and simulated using Modelsim. Further, the proposed multiplier with fault tolerant capability is synthesized and results are analyzed with respect to area occupied, input and output pin counts and delay. Our technique, when compared with existing techniques, gives better performance. We show that our concurrent error detecting multiplier over GF(2m) requires less than 200% extra hardware, whereas with the traditional fault tolerant techniques, such as Triple Modular Redundancy (TMR), overhead is more than 200%.

Race detection for Android applications

Programming environments for smartphones expose a concurrency model that combines multi-threading and asynchronous event-based dispatch. While this enables the development of efficient and feature-rich applications, unforeseen thread interleavings coupled with non-deterministic reorderings of asynchronous tasks can lead to subtle concurrency errors in the applications. In this paper, we formalize the concurrency semantics of the Android programming model. We further define the happens-before relation for Android applications, and develop a dynamic race detection technique based on this relation. Our relation generalizes the so far independently studied happens-before relations for multi-threaded programs and single-threaded event-driven programs. Additionally, our race detection technique uses a model of the Android runtime environment to reduce false positives. We have implemented a tool called DroidRacer. It generates execution traces by systematically testing Android applications and detects data races by computing the happens-before relation on the traces. We analyzed 15 Android applications including popular applications such as Facebook, Twitter and K-9 Mail. Our results indicate that data races are prevalent in Android applications, and that DroidRacer is an effective tool to identify data races.

Race detection for event-driven mobile applications

Mobile systems commonly support an event-based model of concurrent programming. This model, used in popular platforms such as Android, naturally supports mobile devices that have a rich array of sensors and user input modalities. Unfortunately, most existing tools for detecting concurrency errors of parallel programs focus on a thread-based model of concurrency. If one applies such tools directly to an event-based program, they work poorly because they infer false dependencies between unrelated events handled sequentially by the same thread. In this paper we present a race detection tool named CAFA for event-driven mobile systems. CAFA uses the causality model that we have developed for the Android event-driven system. A novel contribution of our model is that it accounts for the causal order due to the event queues, which are not accounted for in past data race detectors. Detecting races based on low-level races between memory accesses leads to a large number of false positives. CAFA overcomes this problem by checking for races between high-level operations. We discuss our experience in using CAFA for finding and understanding a number of known and unknown harmful races in open-source Android applications.

Reliable Concurrent Error Detection Architectures for Extended Euclidean-Based Division Over <inline-formula> <tex-math notation="TeX">${\rm GF}(2^{m})$ </tex-math></inline-formula>

The extended Euclidean algorithm (EEA) is an important scheme for performing the division operation in finite fields. Many sensitive and security-constrained applications such as those using the elliptic curve cryptography for establishing key agreement schemes, augmented encryption approaches, and digital signature algorithms utilize this operation in their structures. Although much study is performed to realize the EEA in hardware efficiently, research on its reliable implementations needs to be done to achieve fault-immune reliable structures. In this regard, this paper presents a new concurrent error detection (CED) scheme to provide reliability for the aforementioned sensitive and constrained applications. Our proposed CED architecture is a step forward toward more reliable architectures for the EEA algorithm architectures. Through simulations and based on the number of parity bits used, the error detection capability of our CED architecture is derived to be 100% for single-bit errors and close to 99% for the experimented multiple-bit errors. In addition, we present the performance degradations of the proposed approach, leading to low-cost and reliable EEA architectures. The proposed reliable architectures are also suitable for constrained and fault-sensitive embedded applications utilizing the EEA hardware implementations.

The Time Dilation Technique for Timing Error Tolerance

Timing error tolerance is of great importance in nanometer technology integrated circuits. In this paper, the Time Dilation design technique is proposed that provides concurrent error detection and correction in the field of application and also supports off-line manufacturing scan testing. By utilizing a new scan Flip-Flop, the Time Dilation technique is capable to detect and correct multiple errors at the minimum penalty of one clock cycle delay. The silicon area overhead and the power consumption are substantially reduced, as compared to the Razor design approach, since no additional memory elements are required. At the same time, the proposed technique introduces only negligible performance degradation since no extra circuitry is inserted in the critical paths of a design.

Concurrent Error Detection of Binary and Nonbinary OLS Parallel Decoders

This paper presents a concurrent error detection (CED) scheme for orthogonal Latin square (OLS) parallel decoders. Different from a CED scheme found in the technical literature that protects only the syndrome generator, the proposed CED scheme protects the whole OLS decoder for single stuck-at faults. This paper presents the detailed design and analysis of the proposed CED scheme and shows that it is strongly fault secured for single stuck-at faults. Extensive simulation results are also provided; different figures of merit such as area, power dissipation, gate depth, and coverage are assessed. It is shown that the proposed decoder designs for ( n, k) t-bit error correcting OLS codes (k = 16 ...256; t = 2 ...5) have reasonable overhead; for example, the average area overhead of the proposed CED is 35.5 (23.6) % compared with an OLS decoder with no CED (i.e., the previously reported CED scheme). However, the most significant advantage of the proposed scheme is that it achieves 100% fault coverage for the whole CED circuit, thus providing a very efficient and fully fault-tolerant implementation. The proposed CED is applicable to both binary and nonbinary OLS codes; the CED for a nonbinary OLS decoder achieves comparable or better results than a binary OLS decoder. Moreover, simulation shows that the proposed CED scheme is better than double modular redundancy.

Fault-Duration And-Location Aware CED Technique With Runtime Adaptability

In response to the rising fault susceptibility of integrated circuits due to aggressive device scaling, a number of concurrent error detection (CED) techniques have been proposed. However, many of these CED techniques do not concern power. Even worse, these techniques are inefficient or even incapable of addressing the new challenges brought about by nanometer devices. In this paper, we propose a new register-transfer-level CED technique that comprehensively considers power efficiency and fault security. Its CED capability can be adjusted at runtime according to the actual need. The proposed high-level synthesis technique ensures that the generated datapath consumes minimal power for any fault scenario it has been turned to.

VXWORKS系统并发程序动态测试工具设计

近年来随着实时嵌入式系统自动化程度的不断提升，其设计复杂度不断加大，在设计中大量的使用了并发程序设计方法。但在实时嵌入式系统测试的过程中，由于实时嵌入式系统中中断和线程相互交叠，始终缺乏有效的并发程序测试工具。为此本文设计了针对VXWORKS系统并发程序动态测试工具，提出以标记迁移系统作为并发程序的系统模型，对常见的并发错误给出了形式化定义，使用偏序化简算法缩减程序的状态空间，实现了对多线程、多重中断的并发程序错误检测。 In recent years, with the improving degree of automation of real-time embedded systems, their design complexity continues to increase. Concurrent programming methods were widely used in designing. But due to real-time embedded system interrupts and threads overlap, in the testing and checking process of real-time embedded system, there is always lack of an effective program testing tool. So we designed a testing tool for VXWORKS systems dynamic concurrent programs. We use Labeled Transition Systems as a system of concurrent programming model, and have given formal definition for common concurrency error, and use of partial order reduction algorithm to reduce the state space of the program. Finally, we have realized the testing tool which can detect multi-threaded and multi-interrupt program concurrent errors.

ERROR DETECTION SCHEMES FOR FINITE FIELD MULTIPLIERS

Finite field multipliers are widely used in the fie ld of cryptography for the purpose of scalar multip lication. The outputs of the finite field multipliers may con sist of errors due to certain natural radiations wh ich further leads to the failure of the cryptosystems. Here two Concurrent Error Detection (CED) schemes namely time redundancy and modular inversion based error detection schemes for finite field multiplier s are discussed. The CED techniques have been implemented for bit serial, digit serial and bit parallel Montgomery multipliers. The Simulation results are obtained using Modelsim10.0b, area and power analysis has been performed using Xilinx ISE 9.1i. The proposed modular inversion based CED scheme is found to be area and power efficient compared to ex isting time redundancy based CED scheme.

A Fault Tolerant Approach for FPGA Embedded Processors Based on Runtime Partial Reconfiguration

The ever increasing adoption of field programmable devices in various application domains for building complex embedded systems based on FPGA processors along with the reliability issues having emerged for FPGA devices built with the latest nanometer technologies, have raised the need for new fault tolerant techniques in order to improve dependability and extend system lifetime. In addition, the runtime partial reconfiguration technology highly mature in the modern FPGA families along with the availability of unused programmable resources in most FPGA designs provide new and interesting opportunities to build advanced fault tolerance mechanisms. In this paper, we exploit the dynamic reconfiguration potential of today's FPGA architectures and the advances in the related design support tools and we propose a fault-tolerant approach for FPGA embedded processors based on runtime partial reconfiguration. According to the proposed methodology, the processor core is partitioned into reconfigurable modules and each module is duplicated to implement a concurrent error detection mechanism. Precompiled configurations containing spare resources are generated for each duplicated module and are used to repair at runtime the defective modules. Also, a fault tolerance scheme for the proxy logic of the reconfigurable modules, which cannot move in the alternative configurations along with the rest logic, is proposed. Moreover, a compression method for the alternative partial bitstreams, which significantly reduces the high storage space requirements of the proposed approach, is presented. Two different hardware decompression schemes have been implemented in a Virtex-5 device and compared in terms of area overhead and decompression latency. Furthermore, a thorough examination has been performed, regarding how the percentage of the spare resources and their allocation in the reconfigurable regions affect the compression efficiency and the processor performance. Finally, the proposed approach has been demonstrated in three different components --- ALU, multiplier-accumulator, and instruction-fetch unit --- of an open-source embedded processor.

Concurrent Error Detection for Orthogonal Latin Squares Encoders and Syndrome Computation

Error correction codes (ECCs) are commonly used to protect memories against errors. Among ECCs, orthogonal latin squares (OLS) codes have gained renewed interest for memory protection due to their modularity and the simplicity of the decoding algorithm that enables low delay implementations. An important issue is that when ECCs are used, the encoder and decoder circuits can also suffer errors. In this brief, a concurrent error detection technique for OLS codes encoders and syndrome computation is proposed and evaluated. The proposed method uses the properties of OLS codes to efficiently implement a parity prediction scheme that detects all errors that affect a single circuit node.

Bounded partial-order reduction

Eliminating concurrency errors is increasingly important as systems rely more on parallelism for performance. Exhaustively exploring the state-space of a program's thread interleavings finds concurrency errors and provides coverage guarantees, but suffers from exponential state-space explosion . Two prior approaches alleviate state-space explosion. (1) Dynamic partial-order reduction (DPOR) provides full coverage and explores only one interleaving of independent transitions. (2) Bounded search provides bounded coverage by enumerating interleavings that do not exceed a bound. In particular, we focus on preemption-bounding. Combining partial-order reduction with preemption-bounding had remained an open problem. We show that preemption-bounded search explores the same partial orders repeatedly and consequently explores more executions than unbounded DPOR, even for small bounds. We further show that if DPOR simply uses the preemption bound to prune the state space as it explores new partial orders, it misses parts of the state space reachable in the bound and is therefore unsound. The bound essentially induces dependences between otherwise independent transitions in the DPOR state space. We introduce Bounded Partial Order Reduction (BPOR), a modification of DPOR that compensates for bound dependences. We identify properties that determine how well bounds combine with partial-order reduction. We prove sound coverage and empirically evaluate BPOR with preemption and fairness bounds. We show that by eliminating redundancies, BPOR significantly reduces testing time compared to bounded search. BPOR's faster incremental guarantees will help testers verify larger concurrent programs.

HYBRID-CMOS LOGIC STYLE DESIGN FOR FAST SELF-CHECKING ADDERS DATA PATHS

In this paper we present an efficient design for self-checking fast adders data paths. We investigate the implementation of concurrent error detection fast adders: carry look-ahead, Carry skip, Carry-select and Conditional-Sum adders. To achieve a low overhead, low power design, we use hybrid-CMOS logic style and combine Conventional CMOS and CMOS Pass transistor Logic (CPL). The proposed schemes are Totally Self-Checking (TSC). They are fully differential and checked by dual-rail and parity codes.