probe_placement - ChairImpSec/PROLEAD GitHub Wiki

Type

JSON Object

Default

By default, PROLEAD includes all wires in the placement process without excluding any.

/* Default configuration (not given in the settings file) */
"side_channel_analysis": {
    "probe_placement": {
      "include": {
        "signals": ".*",
        "paths": ".*"
      },
      "exclude": {
        "signals": "(?!)",
        "paths": "(?!)"
      }	 
    }
  }
}

Description

Limit the set of wires where an adversary can place probes, enabling you to avoid unnecessary wires and focus on those of particular interest. This configuration relies on include and exclude settings, which use regular expressions (regex) to specify the wires of interest.

  • If the include setting is defined first, all wires matching the include regex will be considered for evaluation, provided they do not match the subsequent exclude regex.
  • Similarly, if the exclude setting is defined first, all wires matching the exclude regex will be excluded, unless they match the following include regex.

Additionally, both include and exclude settings consist of two regex patterns, defined through the signals and paths options:

  • If a wire matches the signals regex, only that specific wire is included or excluded.
  • If a wire matches the paths regex, the wire is included or excluded along with all wires that can be reached through a glitch extension starting from that wire.

Impact

For a comprehensive security evaluation, we recommend using the default settings. However, if the focus is on specific wires, this configuration significantly reduces both runtime and memory usage. We recommend setting all path regex patterns to (?!) or another non-matching pattern when they are not explicitly required. If a signal matches the path regex, PROLEAD begins computing the extension starting from the matched signal, which can be time-consuming.

Examples

/* Example 1*/
"side_channel_analysis": {
    "probe_placement":
    {
      "include": {
        "signals": "port_c\\[[0-1]\\]",
        "paths": "(?!)"
      },
      "exclude": {
        "signals": "port_c\\[[0]\\]",
        "paths": "(?!)"
      }	
    }
}

/* Example 2*/
"side_channel_analysis": {
    "probe_placement":
    {
      "include": {
        "signals": "(?!)",
        "paths": "port_c\\[[0-1]\\]"
      },
      "exclude": {
        "signals":"(?!)",
        "paths": "port_c\\[[0]\\]"
      }	
    }
}

In the first example, probes are initially allowed on two wires, port_c[0] and port_c[1]. Next, port_c[0] is excluded, effectively limiting probes to only port_c[1]. In the second example, all wires that can be reached by glitch-extending probes from port_c[0] or port_c[1] are included. Afterward, wires reached by glitch-extending from port_c[0] are excluded. As a result, any probes reached through glitch-extension from either port_c[0] or port_c[1] are excluded.

Suggested Articles

  • To learn about settings that can halt probe extensions due to glitches at specific points, see extension_routes.
  • To learn how to exclude specific probes from a probing set during evaluation, see observed_extensions.