Dietrich, ChristianChristianDietrichBargholz, MalteMalteBargholzLoeck, YannickYannickLoeckBudoj, MarcelMarcelBudojNedaskowskij, LucaLucaNedaskowskijLohmann, DanielDanielLohmann2022-09-122022-09-122022-09International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2022)http://hdl.handle.net/11420/13583For systematic fault injection (FI), we deterministically re-execute a program, introduce faults, and observe the program outcome to assess its resilience in the presence of transient hardware faults. For this, simulation-assisted ISA-level FI provides a good trade-off between result quality and the required time to execute the FI campaign. However, for each architecture, this requires a specialized ISA simulator with tracing, injection, and error observation capabilities; a dependency that not only increases the bar for the exploration of ISA-level hardening mechanisms, but which can also deviate from the behavior of the actual hardware, especially when an error propagates through the system and triggers semantic edge cases. With SailFAIL, we propose a model-driven approach to derive FI platforms from Sail models, which formally describe the ISA semantics. Based on two existing (RISC-V, CHERI RISC-V) and one newly introduced (AVR) Sail models, we use the Sail toolchain to derive emulators that we combine with the FAIL* framework into multiple new FI platforms. Furthermore, we extend Sail to automatically introduce bit-wise dynamic register tracing into the emulator, which enables us to harvest bit-wise access information that we use to improve the well-known def-use pruning technique. Thereby, we further reduce the number of necessary injections by up to 19%.enAllgemeines, WissenschaftConference Paper10.1007/978-3-031-14835-4_14Other