Mentions légales du service

Skip to content
Snippets Groups Projects

About this repository

  • This is the source code of TRAITOR (TRAnsportable glItch aTtack platfORm), a FPGA platform used for fault injection, specifically clock glitch fault injection. More details in our paper [1].
  • VHDL has been created with Vivado version 2018.3. You should synthetized the code with this specific version, or with another one that has been tested : 2019.2. Both versions produce a working synthesis. Results with other versions is unknown.
  • FPGA target is the Arty A7-35T [2]
  • Attacked device in the paper is the STM32F100RB [3], a.k.a. STM32F1Discovery-VL
  • If you use TRAITOR, please cite our paper [1].

Usage

To configure the FPGA, use any software that can communicate on serial port and use this configuration:

  • Baud rate : 115200
  • Bits : 8
  • Stopbits : 1
  • Parity : None
  • Flow control : None

Here's the memory layout of the FPGA. Address 0x00 is used for a specific parameter called amplitude (see paper). Each glitch is coded on 8 bytes: 4 bytes for the delay, 4 bytes for the width. User can encode up to 31 glitches.

Variable Adresse Value
Amplitude 0x00 [0xE0-0xF0]
Delay 1 [0x01-0x04] User defined
Width 1 [0x05-0x08] User defined
Delay 2 [0x09-0x0C] User defined
Width 2 [0x0D-0x10] Used defined
... ... ...

References