P. Kocher, « Spectre attacks: Exploiting speculative execution », 2018.

M. Lipp, 2018.

S. Nie, L. Liu, and Y. Du, « Free-fall: hacking Tesla from wireless to CAN bus », pp. 1-16, 2017.

P. Kocher, J. Jaffe, and B. Jun, « Introduction to differential power analysis and related attacks », 1998.

S. Micali and L. Reyzin, « Physically observable cryptography », pp. 278-296, 2004.

N. Timmers, « Bypassing Secure Boot using Fault Injection », in Black Hat, 2016.

B. Colombier, A. Menu, J. Dutertre, P. Moëllic, J. Rigaud et al., « Laser-induced Single-bit Faults in Flash Memory: Instructions Corruption on a 32-bit Microcontroller ».
URL: https://hal.archives-ouvertes.fr/hal-02344050

A. Vasselle, H. Thiebeauld, Q. Maouhoub, A. Morisset, and S. Ermeneux, « Laser-induced fault injection on smartphone bypassing the secure boot », IEEE Transactions on Computers, 2018.

S. Tajik, H. Lohrke, J. Seifert, and C. Boit, « On the power of optical contactless probing: Attacking bitstream encryption of FPGAs », Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1661-1674, 2017.

A. Cui and R. Housley, « BADFET: Defeating Modern Secure Boot Using Second-Order Pulsed Electromagnetic Fault Injection », 11th USENIX Workshop on Offensive Technologies, 2017.

N. Timmers, A. Spruyt, and M. Witteman, 2016 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 25-35, 2016.

R. Muresan and C. Gebotys, « Current flattening in software and hardware for security applications », Proceedings of the 2nd IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis, pp. 218-223, 2004.

K. Tiri, M. Akmal, and I. Verbauwhede, « A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards », Proceedings of the 28th European Solid-State Circuits Conference, pp. 403-406, 2002.

J. Irwin, D. Page, and N. P. Smart, « Instruction stream mutation for non-deterministic processors », Proceedings IEEE International Conference on Application-Specific Systems, Architectures, and Processors, pp. 286-295, 2002.

J. A. Ambrose, R. G. Ragel, and S. Parameswaran, « RIJID: random code injection to mask power analysis based side channel attacks », Proceedings of the 44th Annual Design Automation Conference, pp. 489-492, 2007.

S. Skorobogatov, « Physical attacks and tamper resistance », Introduction to Hardware Security and Trust, pp. 143-173, 2012.

M. A. Wahab, P. Cotret, M. N. Allah, G. Hiet, V. Lapotre et al., « A hardware extension for DIFT on ARM-based SoCs », 2017 27th International Conference on Field Programmable Logic and Applications (FPL), pp. 1-7, 2017.
URL: https://hal.archives-ouvertes.fr/hal-01558473

GlobalPlatform, « GlobalPlatform Device Committee TEE Protection Profile Version 1.2.1 », TEE Protection Profile.

GlobalPlatform, « TEE Client API Specification Version 1 », 2010.

ARM Limited, « Security technology: building a secure system using TrustZone technology (white paper) », 2009.

L. Bossuet, « Sécurité des systèmes embarqués », 2018.

U. Kanonov and A. Wool, Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3-12, 2016.

« QSEE ».

« Kinibi v311A Security Target », 2017.

« SierraTEE », 2012.

« OP-TEE Project, GitHub Repository », 2017.

B. McGillion, T. Dettenborn, T. Nyman, and N. Asokan, « Open-TEE: an open virtual trusted execution environment », 2015.

TOPPERS, « SafeG ».

S. Pinto and N. Santos, « Demystifying ARM TrustZone: A Comprehensive Survey », ACM Computing Surveys (CSUR), vol. 51, no. 6, p. 130, 2019.

S. Chow, P. Eisen, H. Johnson, and P. C. van Oorschot, « White-box cryptography and an AES implementation », International Workshop on Selected Areas in Cryptography, pp. 250-270, 2002.

Xilinx, « Zynq UltraScale+ MPSoC Technical Reference Manual, UG1085 (v1.0) », 2015.

Intel, « Intel Stratix 10 Hard Processor System Technical Reference Manual », 2019.

V. Kindratenko and D. Pointer, « A case study in porting a production scientific supercomputing application to a reconfigurable computer », 14th Annual IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 13-22, 2006.

ARM Holdings, « ACE Protocol Specification », 2011.

ARM Holdings, « ARM System Memory Management Unit Architecture Specification, SMMU architecture version 2.0 », 2013.

AMD, « AMD I/O Virtualization Technology (IOMMU) Specification », 2007.

Xilinx, « Zynq-7000 All Programmable SoC Technical Reference Manual, UG585 (v1.11) », 2016.

ARM, « Cortex-A9 TrustZone example », 2013.

A. Moradi, A. Barenghi, T. Kasper, and C. Paar, « On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from Xilinx Virtex-II FPGAs », Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 111-124, 2011.

D. Guillaume and A. Iván, « Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors », 2017.

O. Savry, T. Hiscock, and M. E. Majihi, « Sécurité matérielle des systèmes : Vulnérabilité des processeurs et techniques d'exploitation », Dunod, 2019.

F. Majeric, B. Gonzalvo, and L. Bossuet, « JTAG combined attack: another approach for fault injection », 2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1-5, 2016.

F. Majeric, « Étude d'attaques matérielles et combinées sur les "System-on-chip" », 2018.

A. Moradi, D. Oswald, C. Paar, and P. Swierczynski, « Side-channel attacks on the bitstream encryption mechanism of Altera Stratix II: facilitating black-box analysis using software reverse-engineering », Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays, pp. 91-100, 2013.

A. Moradi and T. Schneider, « Improved side-channel analysis attacks on Xilinx bitstream encryption of 5, 6, and 7 series », International Workshop on Constructive Side-Channel Analysis and Secure Design, pp. 71-87, 2016.

N. Jacob, J. Heyszl, A. Zankl, C. Rolfes, and G. Sigl, « How to break secure boot on FPGA SoCs through malicious hardware », International Conference on Cryptographic Hardware and Embedded Systems, pp. 425-442, 2017.

W. Li, Y. Xia, L. Lu, H. Chen, B. Zang et al., « Virtualizing trusted execution environments on mobile platforms », Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, pp. 2-16, 2019.

P. Carru, « Attack TrustZone with Rowhammer », 2017.

V. van der Veen, « Deterministic Rowhammer attacks on mobile platforms », Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1675-1689, 2016.

J. A. Halderman, « Lest we remember: cold-boot attacks on encryption keys », vol. 52, pp. 91-98, 2009.

P. Pessl, D. Gruss, C. Maurice, M. Schwarz, S. Mangard et al., « Exploiting DRAM Addressing for Cross-CPU Attacks », 25th USENIX Security Symposium (USENIX Security 16), pp. 565-581, 2016.

S. Chaudhuri, « A security vulnerability analysis of SoCFPGA architectures », 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC), pp. 1-6, 2018.

B. Gras, K. Razavi, E. Bosman, H. Bos, and C. Giuffrida, « ASLR on the Line: Practical Cache Attacks on the MMU », in NDSS, vol. 17, p. 26, 2017.

D. Gruss, C. Maurice, K. Wagner, and S. Mangard, « Flush+Flush: a fast and stealthy cache attack », International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 279-299, 2016.

Y. Yarom and K. Falkner, « FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack », 23rd USENIX Security Symposium (USENIX Security 14), pp. 719-732, 2014.

B. Gras, K. Razavi, H. Bos, and C. Giuffrida, « Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks », 27th USENIX Security Symposium (USENIX Security 18), pp. 955-972, 2018.

D. A. Osvik, A. Shamir, and E. Tromer, « Cache attacks and countermeasures: the case of AES », Cryptographers' Track at the RSA Conference, pp. 1-20, 2006.

M. Lipp, D. Gruss, R. Spreitzer, C. Maurice, S. Mangard et al., « Cache attacks on mobile devices », 25th USENIX Security Symposium (USENIX Security 16), pp. 549-564, 2016.

A. Tang, S. Sethumadhavan, and S. Stolfo, « CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management », 2018.

J. Krautter, D. R. Gnad, and M. B. Tahoori, « FPGAhammer: remote voltage fault attacks on shared FPGAs, suitable for DFA on AES », IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 44-68, 2018.

M. Zhao and G. E. Suh, « FPGA-based remote power side-channel attacks », 2018 IEEE Symposium on Security and Privacy, pp. 229-244, 2018.

L. Bossuet, P. Bayon, and V. Fischer, « Electromagnetic transmission of intellectual property data to protect FPGA designs », IFIP/IEEE International Conference on Very Large Scale Integration - System on a Chip, pp. 150-169, 2015.

E. Benhani and L. Bossuet, « Design a TrustZone-enabled SoC using Xilinx VIVADO CAD tool », 2017.

E. Benhani, C. Marchand, A. Aubert, and L. Bossuet, « On the security evaluation of the ARM TrustZone extension in a heterogeneous SoC », 2017 30th IEEE International System-on-Chip Conference (SOCC), pp. 108-113, 2017.

E. Benhani, L. Bossuet, and A. Aubert, « The Security of ARM TrustZone in a FPGA-based SoC », IEEE Transactions on Computers, vol. 68, no. 8, pp. 1238-1248, 2019.

Xilinx, « Vivado Design Suite Tcl Command Reference Guide (UG835) », 2013.

N. Fern, I. San, C. K. Koç, and K. T. Cheng, « Hardware trojans in incompletely specified on-chip bus systems », Proceedings of the 2016 Conference on Design, pp. 527-530, 2016.

R. J. Masti, D. Rai, A. Ranganathan, C. Müller, L. Thiele et al., « Thermal covert channels on multi-core platforms », 24th USENIX Security Symposium (USENIX Security 15), pp. 865-880, 2015.

M. Alagappan, J. Rajendran, M. Doroslovački, and G. Venkataramani, « DFS covert channels on multicore platforms », 2017 IFIP/IEEE International Conference on Very Large Scale Integration, pp. 1-6, 2017.

L. Bossuet, P. Bayon, and V. Fischer, « An Ultra-Lightweight Transmitter for Contactless Rapid Identification of Embedded IP in FPGA », IEEE Embedded Systems Letters, vol. 7, pp. 1-1, 2015.

L. Bossuet et al., « DVFS as a Security Failure of TrustZone-enabled Heterogeneous SoC », 2018 25th IEEE International Conference on Electronics, Circuits and Systems (ICECS), pp. 489-492, 2018.

M. Kim, S. Kong, B. Hong, L. Xu, W. Shi et al., « Evaluating coherence-exploiting hardware trojan », Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 157-162, 2017.

J. Daemen and V. Rijmen, « The Design of Rijndael: AES - the Advanced Encryption Standard », 2013.

D. J. Bernstein, « Cache-timing attacks on AES », 2005.

B. Gülmezoğlu, M. S. Inci, G. Irazoqui, T. Eisenbarth, and B. Sunar, « A faster and more realistic Flush+Reload attack on AES », International Workshop on Constructive Side-Channel Analysis and Secure Design, pp. 111-126, 2015.

E. Savaş and C. Yılmaz, « A generic method for the analysis of a class of cache attacks: a case study for AES », The Computer Journal, vol. 58, no. 10, pp. 2716-2737, 2015.

E. Tromer, D. A. Osvik, and A. Shamir, « Efficient cache attacks on AES, and countermeasures », vol. 23, pp. 37-71, 2010.

E. Hallett, « Isolation Design Flow for Xilinx 7 Series FPGAs or Zynq-7000 AP SoCs (Vivado Tools) ».

E. Benhani and L. Bossuet.

C. De Cannière and B. Preneel, « Trivium specifications », eSTREAM, ECRYPT Stream Cipher Project, 2005.

S. Babbage, « The eSTREAM portfolio », eSTREAM, ECRYPT Stream Cipher Project, pp. 1-6, 2008.

M. Hell, T. Johansson, A. Maximov, and W. Meier, « A stream cipher proposal: Grain-128 », 2006 IEEE International Symposium on Information Theory, pp. 1614-1618, 2006.