EM Fault Injection on ARM and RISC-V

Mahmoud A. Elmohr, Haohao Liao, Catherine H. Gebotys
University of waterloo


Recently Electro-Magnetic Fault Injection (EMFI) techniques have been found to have significant implications on the security of embedded devices. Unfortunately, there is still a lack of understanding of EM faults and countermeasures for embedded processors. For the first time, this paper empirically shows that EMFI can cause skipping/faulting of more than one instruction on a 320MHz RISC-V processor, thus making it susceptible to a wider range of attacks. Additionally, empirical results on ARM Cortex M0 and RISC-V embedded processors show that EMFI is more susceptible at lower supply voltages and higher clock frequencies. Exception codes are also shown to be useful in understanding details of injected faults, providing further evidence that instructions have been corrupted in many cases. This research aims to enhance understanding faults, in order to better design countermeasures for embedded processors resistant to fault injection attacks.