PAF, the Physical Attack Framework
Welcome to PAF ! PAF is a suite of tools and libraries to learn about physical attacks, such as fault injection and side channels, and hopefully help harden code bases against those threats.
Requirements
To build PAF from source, you will need a C++ compiler compatible with C++14, and CMake.
A significant number of the PAF tools assumes that you at least have access to Tarmac traces. These are detailled traces of a program's execution, and they are generated by a number of Arm products, like software models of CPUs (e.g. FastModel).
PAF has the capability to directly drive a FastModel and perform a number of analysis. In order to use this capability, you will need to have access to a FastModel
Building
The simplest way to build PAF is:
$ cmake .
$ cmake --build .
A slightly more evolved way of building and testing PAF, in release mode with
debug info, using the clang
compiler, Ninja
build system and producing
a compile_commands.json
file looks like:
$ CC=clang CXX=clang++ cmake -S . -B build -G Ninja \
-DCMAKE_BUILD_TYPE:STRING=RelWithDebInfo \
-DCMAKE_EXPORT_COMPILE_COMMANDS:BOOL=ON
$ ln -s build/compile_commands.json .
$ ninja -C build/
$ ninja -C build/ test
Testing
PAF contains both unit testing and application level testing. Unit testing can
be performed using the test
target, whith no external dependencies.
Application level testing is a different story as it requires access to a
cross-compiler and a FastModel. If you have access to those, CMake
can
setup a test environment for you with:
$ CC=clang CXX=clang++ cmake -S . -B build -G Ninja \
-DCMAKE_BUILD_TYPE:STRING=RelWithDebInfo \
-DCMAKE_EXPORT_COMPILE_COMMANDS:BOOL=ON \
-DFVP_MODEL_DIR:PATH=/opt/FastModels/11.12/FVP_MPS2_Cortex-M3_CC312/models/Linux64_GCC-6.4/FVP_MPS2_Cortex-M3_CC312 \
-DFVP_PLUGINS_DIR:PATH=/opt/FastModels/11.12/FastModelsPortfolio_11.12/plugins/Linux64_GCC-6.4 \
-DARM_GCC_INSTALL_DIR:PATH=/opt/gcc-arm-none-eabi-10-2020-q4-major
Usage and documentation
For more information on PAF, the tools it provides and how to use them, see the main documentation.
License
PAF is distributed under the Apache v2.0 License.
Third party software
PAF requires third party software that is not included in PAF's source code repository. PAF's configure and build system, CMake, will automatically download, configure and build this third party software. As each of those third party software comes with its own specific license, you have to check their licenses complie with your own specific requirements.
The third party software used by PAF is:
- tarmac-trace-utilities, licensed under https://github.com/ARM-software/tarmac-trace-utilities/blob/main/LICENSE.txt, is the library that provides PAF with the fondations for efficiently manipulating tarmac traces.
- pyyaml,
and pyelftools,
and tqdm are used by
run-model.py
and ancilliary tools. - GoogleTest, licensed under https://github.com/google/googletest/blob/main/LICENSE, is the unit testing framework used by PAF.
- numpy, licensed under https://github.com/numpy/numpy/blob/main/LICENSE.txt, is used by some unit tests.
Feedback, contributions and support
Please use the GitHub issue tracker associated with this repository for feedback.
Code contributions are most welcomed. Please make sure they stick to the style used in the rest of the PAF code and submit them via GitHub pull requests.