{"id":"https://openalex.org/W3091426308","doi":"https://doi.org/10.1109/tifs.2020.3027143","title":"ARMORY: Fully Automated and Exhaustive Fault Simulation on ARM-M Binaries","display_name":"ARMORY: Fully Automated and Exhaustive Fault Simulation on ARM-M Binaries","publication_year":2021,"publication_date":"2021-01-01","ids":{"openalex":"https://openalex.org/W3091426308","doi":"https://doi.org/10.1109/tifs.2020.3027143","mag":"3091426308"},"language":"en","primary_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2020.3027143","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},"type":"article","type_crossref":"journal-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091246257","display_name":"Max Hoffmann","orcid":"https://orcid.org/0000-0002-6964-7123"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]},{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Max Hoffmann","raw_affiliation_string":"Horst G\u00f6rtz Institute for IT-Security, Ruhr University Bochum, Bochum, Germany; Max Planck Institute for Security and Privacy, Bochum, Germany","raw_affiliation_strings":["Horst G\u00f6rtz Institute for IT-Security, Ruhr University Bochum, Bochum, Germany","Max Planck Institute for Security and Privacy, Bochum, Germany"]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088701632","display_name":"Falk Schellenberg","orcid":"https://orcid.org/0000-0001-8353-7564"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Falk Schellenberg","raw_affiliation_string":"[Max Planck Institute for Security and Privacy, Bochum, Germany]","raw_affiliation_strings":["[Max Planck Institute for Security and Privacy, Bochum, Germany]"]},{"author_position":"last","author":{"id":"https://openalex.org/A5041748332","display_name":"Christof Paar","orcid":"https://orcid.org/0000-0001-8681-2277"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christof Paar","raw_affiliation_string":"[Max Planck Institute for Security and Privacy, Bochum, Germany]","raw_affiliation_strings":["[Max Planck Institute for Security and Privacy, Bochum, Germany]"]}],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"has_fulltext":true,"fulltext_origin":"pdf","cited_by_count":6,"cited_by_percentile_year":{"min":86,"max":87},"biblio":{"volume":"16","issue":null,"first_page":"1058","last_page":"1073"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11005","display_name":"Fault Tolerance in Electronic Systems","score":0.9997,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11005","display_name":"Fault Tolerance in Electronic Systems","score":0.9997,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Language-based Information Flow Security","score":0.999,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptanalysis of Block Ciphers and Hash Functions","score":0.9989,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"keyword":"exhaustive fault simulation","score":0.5542},{"keyword":"binaries","score":0.4287}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8677753},{"id":"https://openalex.org/C2775928411","wikidata":"https://www.wikidata.org/wiki/Q2041312","display_name":"Fault injection","level":3,"score":0.614813},{"id":"https://openalex.org/C175551986","wikidata":"https://www.wikidata.org/wiki/Q47089","display_name":"Fault (geology)","level":2,"score":0.6076352},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5740763},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.55028945},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.540723},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4715885},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.43096644},{"id":"https://openalex.org/C21593369","wikidata":"https://www.wikidata.org/wiki/Q1032176","display_name":"Countermeasure","level":2,"score":0.41095042},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3775073},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3372971},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.1532112},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12750742},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C165205528","wikidata":"https://www.wikidata.org/wiki/Q83371","display_name":"Seismology","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2020.3027143","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},{"is_oa":true,"landing_page_url":"https://arxiv.org/abs/2105.13769","pdf_url":"https://arxiv.org/pdf/2105.13769","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2020.3027143","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/9151439/09206547.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},"sustainable_development_goals":[{"score":0.75,"display_name":"Peace, justice, and strong institutions","id":"https://metadata.un.org/sdg/16"}],"grants":[{"funder":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft","award_id":"39078197"},{"funder":"https://openalex.org/F4320334678","funder_display_name":"European Research Council","award_id":"695022"}],"referenced_works_count":27,"referenced_works":["https://openalex.org/W1588462372","https://openalex.org/W1600075072","https://openalex.org/W1985675294","https://openalex.org/W2049624985","https://openalex.org/W2057358220","https://openalex.org/W2066425771","https://openalex.org/W2072402822","https://openalex.org/W2082988283","https://openalex.org/W2085992264","https://openalex.org/W2095785650","https://openalex.org/W2110162979","https://openalex.org/W2111725598","https://openalex.org/W2144952508","https://openalex.org/W2169596872","https://openalex.org/W2259261795","https://openalex.org/W2295164941","https://openalex.org/W2560502449","https://openalex.org/W2624902176","https://openalex.org/W2754820511","https://openalex.org/W2974242627","https://openalex.org/W3006328817","https://openalex.org/W3019676640","https://openalex.org/W3135067613","https://openalex.org/W4243016930","https://openalex.org/W4246462834","https://openalex.org/W4251236654","https://openalex.org/W4256301847"],"related_works":["https://openalex.org/W2085992264","https://openalex.org/W2378749186","https://openalex.org/W2364088131","https://openalex.org/W2362741838","https://openalex.org/W622044715","https://openalex.org/W2378994067","https://openalex.org/W2347979151","https://openalex.org/W2162728361","https://openalex.org/W2366397149","https://openalex.org/W2350213425"],"ngrams_url":"https://api.openalex.org/works/W3091426308/ngrams","abstract_inverted_index":{"Embedded":[0],"systems":[1],"are":[2,79,174,206,215,265],"ubiquitous.":[3],"However,":[4,54],"physical":[5,163],"access":[6],"of":[7,25,35,65,73,110,131,139,148,157,162,240],"users":[8],"and":[9,50,62,118,153,165,184,225,272],"likewise":[10],"attackers":[11],"makes":[12],"them":[13],"often":[14,56],"threatened":[15],"by":[16,90,198],"fault":[17,21,60,106,133,140,151,241,250,270],"attacks:":[18],"a":[19,26,32,70,98,123,136,179,185,233],"single":[20],"during":[22,276],"the":[23,111,146,154,203,246,255,277],"computation":[24],"cryptographic":[27],"primitive":[28],"can":[29,39,242],"lead":[30],"to":[31,69,120,248,268],"total":[33],"loss":[34],"system":[36],"security.":[37],"This":[38,67],"have":[40],"serious":[41],"consequences,":[42],"e.g.,":[43],"in":[44,202,209,262],"safety-critical":[45],"systems,":[46],"including":[47],"bodily":[48],"harm":[49],"catastrophic":[51],"technical":[52],"failures.":[53],"countermeasures":[55,159,258],"focus":[57],"on":[58,108,181],"isolated":[59,269],"models":[61,271],"high":[63],"layers":[64],"abstraction.":[66],"leads":[68],"dangerous":[71,155],"sense":[72],"security,":[74],"because":[75],"exploitable":[76,195],"faults":[77,196,214],"that":[78,192,232,235],"only":[80,216],"visible":[81,217],"at":[82,260],"machine":[83,220],"code":[84,221],"level":[85],"might":[86],"not":[87,266],"be":[88],"covered":[89],"countermeasures.":[91],"In":[92],"this":[93],"work":[94,253],"we":[95,144,230],"present":[96],"ARMORY,":[97,143],"fully":[99,149],"automated":[100,150],"open":[101],"source":[102],"framework":[103],"for":[104,125,177,257],"exhaustive":[105],"simulation":[107],"binaries":[109],"ubiquitous":[112],"ARM-M":[113],"class.":[114],"It":[115],"allows":[116],"engineers":[117],"analysts":[119],"efficiently":[121],"scan":[122],"binary":[124],"potential":[126],"weaknesses":[127],"against":[128,237],"arbitrary":[129],"combinations":[130],"multi-variate":[132],"injections":[134],"under":[135],"large":[137],"variety":[138],"models.":[141,251],"Using":[142],"demonstrate":[145],"power":[147],"analysis":[152],"implications":[156],"applying":[158],"without":[160],"knowledge":[161],"addresses":[164,224],"offsets.":[166],"We":[167],"exemplarily":[168],"analyze":[169],"two":[170],"case":[171],"studies,":[172],"which":[173,200],"highly":[175],"relevant":[176],"practice:":[178],"DFA":[180],"AES":[182],"(cryptographic)":[183],"secure":[186],"bootloader":[187],"(non-cryptographic).":[188],"Our":[189,252],"results":[190],"show":[191,231],"indeed":[193],"numerous":[194],"found":[197],"ARMORY":[199],"occur":[201],"actual":[204],"implementations":[205],"easily":[207],"missed":[208],"manual":[210],"inspection.":[211],"Crucially,":[212],"most":[213],"when":[218],"taking":[219],"information,":[222],"i.e.,":[223],"offsets,":[226],"into":[227],"account.":[228],"Surprisingly,":[229],"countermeasure":[234],"protects":[236],"one":[238],"type":[239],"actually":[243],"largely":[244],"increase":[245],"vulnerability":[247],"other":[249],"demonstrates":[254],"need":[256],"that,":[259],"least":[261],"their":[263],"evaluation,":[264],"restricted":[267],"consider":[273],"low-level":[274],"information":[275],"design":[278],"process.":[279]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W3091426308","counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1}],"updated_date":"2024-03-16T14:00:03.999001","created_date":"2020-10-08"}