Fault injection is a technique used more and more by attackers to break the security of your products. Though many might think that fault injection vulnerabilities only occur in hardware, in fact software offers even a bigger attack surface for these types of attacks. This True Code package will not only flag fault injection vulnerabilities to your developers, but will also flag the absence of proper protection patterns. True Code uses two technologies to efficiently search for these type of vulnerabilities: static analysis and simulation. Using a combination of these technologies will give you the best results possible, Making sure that every possible vulnerability is found without generating false positives.
Check on low hamming distance
Variables that contain a verdict on a security sensitive decision that is made in your code, should have a large hamming distance between a true and a false outcome to prevent for fault injection attacks. True Code checks on this.
Security sensitive decisions can be an easy target for fault injection attacks. That is why these decisions should be double or even tripple checked in your code. True Code checks on the absence of proper double check, taking into account compiler optimizations
Fault resitant loops
Loops in your code can be vulnerable for fault injection. A fault injection attempt could cause a loop to end improperly and in that way cause an unintended effect. True Code checks on proper loop completion measures to prevent this.
Double check on function results
When functions are used to give a verdict on a security sensitive decision, it is important that the outcome of such a function is double or triple checked. True Code signals the absence of such a pattern taking into account compiler optimizations.