Error injection is a proven method of driving an otherwise protected microprocessor architecture into an unintended state. Therefore, there is a technical necessity to detect such changes in the control flow of the system during run-time.
Depending on the targeted security level and price of the security product, dual modular redundant architectures are employed, which use single voters or checkers employing pre-computed signatures. While the additional memory needed for pre-computed signatures is sometimes not preferable in resource-constrained systems like smart cards, dual modular redundant implementations are widely used in high security applications.
The complete replication of the main processor unit has, inter alia, two disadvantages. First, the needed space doubles accordingly, and additional comparison logic is needed to compare the results of both cores. Secondly, this comparison logic or voter constitutes a sensitive part of the system that has to be specifically hardened against attacks.
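The two detection approaches described above, as an added example that is not part of the original text: a C simulation in which a checker compares a run-time signature of the executed instructions against a pre-computed reference, and a dual modular redundant comparator compares the results of two cores. The instruction words, the rotate-XOR signature function and all function names are assumptions made for illustration, and the injected error is modelled as one skipped instruction.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample: instruction words of one basic block (illustrative values). */
static const uint32_t BLOCK[] = {
    0xE3A00001u, 0xE2800004u, 0xE1500001u, 0x1A000002u, 0xE12FFF1Eu
};
#define BLOCK_LEN (sizeof BLOCK / sizeof BLOCK[0])
#define NO_FAULT  ((size_t)-1)   /* index that never matches: no error injected */
#define SIG_INIT  0xFFFFFFFFu

/* Assumed signature function: rotate left by 5, then XOR in the instruction.
 * Hardware monitors typically use a CRC or MISR; this stands in for one. */
static uint32_t sig_update(uint32_t sig, uint32_t insn)
{
    return ((sig << 5) | (sig >> 27)) ^ insn;
}

/* Build time: reference signature that must be stored next to the code.
 * This is the extra memory the pre-computed-signature approach costs. */
uint32_t precompute_signature(void)
{
    uint32_t sig = SIG_INIT;
    for (size_t i = 0; i < BLOCK_LEN; i++)
        sig = sig_update(sig, BLOCK[i]);
    return sig;
}

/* Run time: signature over the instructions a core actually executed.
 * skip_at models an injected error that makes the core skip one instruction. */
uint32_t run_core(size_t skip_at)
{
    uint32_t sig = SIG_INIT;
    for (size_t i = 0; i < BLOCK_LEN; i++) {
        if (i == skip_at)
            continue;                 /* instruction never executed */
        sig = sig_update(sig, BLOCK[i]);
    }
    return sig;
}

/* Checker with pre-computed signature: returns 1 when an error is detected. */
int signature_check(size_t skip_at)
{
    return run_core(skip_at) != precompute_signature();
}

/* Dual modular redundancy: core A runs undisturbed, core B may be faulted;
 * the comparison logic returns 1 when the two results differ. */
int dmr_check(size_t skip_core_b)
{
    return run_core(NO_FAULT) != run_core(skip_core_b);
}
```

The signature checker needs one stored reference value per checked block, while the redundant variant needs no stored reference but runs the block twice and depends entirely on the comparison in `dmr_check`.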
It would be highly beneficial if improved concepts for detecting error injection were provided.