Arbitrary Code Execution on RISC-V Using Fault Injection

Explore cutting-edge research on arbitrary code execution in RISC-V architecture using fault injection techniques in this conference talk from Nullcon International Security Conference. Delve into alternative methods for gaining code execution through fault attacks, targeting instructions that alter program control flow. Discover new fault models that challenge the ISA programmer model and require understanding of hardware implementation. Learn about the practical demonstration of these attacks on a commercial RISC-V SoC and their implications for embedded device security, particularly secure boot processes. Gain insights from security experts Praveen Vadnala and Nils Wiersma as they discuss the challenges of exploiting RISC-V's unique characteristics, including its lack of direct Program Counter access, and present innovative approaches to overcome these obstacles.

Arbitrary code execution on RISC-V using fault injection | Praveen Vadnala & Nils Wiersma | Nullcon