{"id":"https://openalex.org/W3091426308","doi":"https://doi.org/10.1109/tifs.2020.3027143","title":"<i>ARMORY</i>: Fully Automated and Exhaustive Fault Simulation on ARM-M Binaries","display_name":"<i>ARMORY</i>: Fully Automated and Exhaustive Fault Simulation on ARM-M Binaries","publication_year":2020,"publication_date":"2020-09-29","ids":{"openalex":"https://openalex.org/W3091426308","doi":"https://doi.org/10.1109/tifs.2020.3027143","mag":"3091426308"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2020.3027143","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2020.3027143","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Max Hoffmann","orcid":"https://orcid.org/0000-0001-9072-611X"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]},{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Max Hoffmann","raw_affiliation_strings":["Horst G\u00f6rtz Institute for IT-Security, Ruhr University Bochum, Bochum, Germany","Max Planck Institute for Security and Privacy, Bochum, Germany"],"raw_orcid":"https://orcid.org/0000-0001-9072-611X","affiliations":[{"raw_affiliation_string":"Horst G\u00f6rtz Institute for IT-Security, Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]},{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088701632","display_name":"Falk Schellenberg","orcid":"https://orcid.org/0000-0001-8353-7564"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Falk Schellenberg","raw_affiliation_strings":["Max Planck Institute for Security and Privacy, Bochum, Germany"],"raw_orcid":"https://orcid.org/0000-0001-8353-7564","affiliations":[{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5041748332","display_name":"Christof Paar","orcid":"https://orcid.org/0000-0001-8681-2277"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christof Paar","raw_affiliation_strings":["Max Planck Institute for Security and Privacy, Bochum, Germany"],"raw_orcid":"https://orcid.org/0000-0001-8681-2277","affiliations":[{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4210096592","https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":0.5202,"has_fulltext":true,"cited_by_count":11,"citation_normalized_percentile":{"value":0.6556947,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"16","issue":null,"first_page":"1058","last_page":"1073"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11005","display_name":"Radiation Effects in Electronics","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11005","display_name":"Radiation Effects in Electronics","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8677753210067749},{"id":"https://openalex.org/keywords/fault-injection","display_name":"Fault injection","score":0.6148130297660828},{"id":"https://openalex.org/keywords/fault","display_name":"Fault (geology)","score":0.6076352000236511},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5740762948989868},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5502894520759583},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5407230257987976},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.47158849239349365},{"id":"https://openalex.org/keywords/abstraction","display_name":"Abstraction","score":0.43096643686294556},{"id":"https://openalex.org/keywords/countermeasure","display_name":"Countermeasure","score":0.4109504222869873},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3775072991847992},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.33729711174964905},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.15321120619773865},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12750741839408875}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8677753210067749},{"id":"https://openalex.org/C2775928411","wikidata":"https://www.wikidata.org/wiki/Q2041312","display_name":"Fault injection","level":3,"score":0.6148130297660828},{"id":"https://openalex.org/C175551986","wikidata":"https://www.wikidata.org/wiki/Q47089","display_name":"Fault (geology)","level":2,"score":0.6076352000236511},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5740762948989868},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5502894520759583},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5407230257987976},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.47158849239349365},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.43096643686294556},{"id":"https://openalex.org/C21593369","wikidata":"https://www.wikidata.org/wiki/Q1032176","display_name":"Countermeasure","level":2,"score":0.4109504222869873},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3775072991847992},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.33729711174964905},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.15321120619773865},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12750741839408875},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C165205528","wikidata":"https://www.wikidata.org/wiki/Q83371","display_name":"Seismology","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2020.3027143","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2020.3027143","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1109/tifs.2020.3027143","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2020.3027143","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.75,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G1815470512","display_name":null,"funder_award_id":"695022","funder_id":"https://openalex.org/F4320334678","funder_display_name":"European Research Council"},{"id":"https://openalex.org/G5717916917","display_name":null,"funder_award_id":"39078197","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"}],"funders":[{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320334678","display_name":"European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3091426308.pdf","grobid_xml":"https://content.openalex.org/works/W3091426308.grobid-xml"},"referenced_works_count":50,"referenced_works":["https://openalex.org/W131640530","https://openalex.org/W1493213353","https://openalex.org/W1495447492","https://openalex.org/W1524054636","https://openalex.org/W1587518092","https://openalex.org/W1588462372","https://openalex.org/W1600075072","https://openalex.org/W1975427173","https://openalex.org/W1985675294","https://openalex.org/W2049624985","https://openalex.org/W2057358220","https://openalex.org/W2066425771","https://openalex.org/W2072402822","https://openalex.org/W2082988283","https://openalex.org/W2085992264","https://openalex.org/W2095785650","https://openalex.org/W2110162979","https://openalex.org/W2110941647","https://openalex.org/W2111725598","https://openalex.org/W2144952508","https://openalex.org/W2155441237","https://openalex.org/W2169596872","https://openalex.org/W2259261795","https://openalex.org/W2295164941","https://openalex.org/W2479765057","https://openalex.org/W2502606459","https://openalex.org/W2560502449","https://openalex.org/W2624902176","https://openalex.org/W2719981865","https://openalex.org/W2754820511","https://openalex.org/W2794613733","https://openalex.org/W2806057431","https://openalex.org/W2889402643","https://openalex.org/W2954479288","https://openalex.org/W2954632784","https://openalex.org/W2974242627","https://openalex.org/W3006328817","https://openalex.org/W3019676640","https://openalex.org/W3135067613","https://openalex.org/W4243016930","https://openalex.org/W4246462834","https://openalex.org/W4251236654","https://openalex.org/W4256301847","https://openalex.org/W6605395062","https://openalex.org/W6629605495","https://openalex.org/W6631391511","https://openalex.org/W6644043060","https://openalex.org/W6682894607","https://openalex.org/W6721202590","https://openalex.org/W6724230623"],"related_works":["https://openalex.org/W2378749186","https://openalex.org/W2364088131","https://openalex.org/W2362741838","https://openalex.org/W622044715","https://openalex.org/W2378994067","https://openalex.org/W2347979151","https://openalex.org/W2162728361","https://openalex.org/W2366397149","https://openalex.org/W2350213425","https://openalex.org/W2085992264"],"abstract_inverted_index":{"Embedded":[0],"systems":[1],"are":[2,79,174,206,215,265],"ubiquitous.":[3],"However,":[4,54],"physical":[5,163],"access":[6],"of":[7,25,35,65,73,110,131,139,148,157,162,240],"users":[8],"and":[9,50,62,118,153,165,184,225,272],"likewise":[10],"attackers":[11],"makes":[12],"them":[13],"often":[14,56],"threatened":[15],"by":[16,90,198],"fault":[17,21,60,106,133,140,151,241,250,270],"attacks:":[18],"a":[19,26,32,70,98,123,136,179,185,233],"single":[20],"during":[22,276],"the":[23,111,146,154,203,246,255,277],"computation":[24],"cryptographic":[27],"primitive":[28],"can":[29,39,242],"lead":[30],"to":[31,69,120,248,268],"total":[33],"loss":[34],"system":[36],"security.":[37],"This":[38,67],"have":[40],"serious":[41],"consequences,":[42],"e.g.,":[43],"in":[44,202,209,262],"safety-critical":[45],"systems,":[46],"including":[47],"bodily":[48],"harm":[49],"catastrophic":[51],"technical":[52],"failures.":[53],"countermeasures":[55,159,258],"focus":[57],"on":[58,108,181],"isolated":[59,269],"models":[61,271],"high":[63],"layers":[64],"abstraction.":[66],"leads":[68],"dangerous":[71,155],"sense":[72],"security,":[74],"because":[75],"exploitable":[76,195],"faults":[77,196,214],"that":[78,192,232,235],"only":[80,216],"visible":[81,217],"at":[82,260],"machine":[83,220],"code":[84,221],"level":[85],"might":[86],"not":[87,266],"be":[88],"covered":[89],"countermeasures.":[91],"In":[92],"this":[93],"work":[94,253],"we":[95,144,230],"present":[96],"ARMORY,":[97,143],"fully":[99,149],"automated":[100,150],"open":[101],"source":[102],"framework":[103],"for":[104,125,177,257],"exhaustive":[105],"simulation":[107],"binaries":[109],"ubiquitous":[112],"ARM-M":[113],"class.":[114],"It":[115],"allows":[116],"engineers":[117],"analysts":[119],"efficiently":[121],"scan":[122],"binary":[124],"potential":[126],"weaknesses":[127],"against":[128,237],"arbitrary":[129],"combinations":[130],"multi-variate":[132],"injections":[134],"under":[135],"large":[137],"variety":[138],"models.":[141,251],"Using":[142],"demonstrate":[145],"power":[147],"analysis":[152],"implications":[156],"applying":[158],"without":[160],"knowledge":[161],"addresses":[164,224],"offsets.":[166],"We":[167],"exemplarily":[168],"analyze":[169],"two":[170],"case":[171],"studies,":[172],"which":[173,200],"highly":[175],"relevant":[176],"practice:":[178],"DFA":[180],"AES":[182],"(cryptographic)":[183],"secure":[186],"bootloader":[187],"(non-cryptographic).":[188],"Our":[189,252],"results":[190],"show":[191,231],"indeed":[193],"numerous":[194],"found":[197],"ARMORY":[199],"occur":[201],"actual":[204],"implementations":[205],"easily":[207],"missed":[208],"manual":[210],"inspection.":[211],"Crucially,":[212],"most":[213],"when":[218],"taking":[219],"information,":[222],"i.e.,":[223],"offsets,":[226],"into":[227],"account.":[228],"Surprisingly,":[229],"countermeasure":[234],"protects":[236],"one":[238],"type":[239],"actually":[243],"largely":[244],"increase":[245],"vulnerability":[247],"other":[249],"demonstrates":[254],"need":[256],"that,":[259],"least":[261],"their":[263],"evaluation,":[264],"restricted":[267],"consider":[273],"low-level":[274],"information":[275],"design":[278],"process.":[279]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}