Pascal Nasahl,Martin Unterguggenberger,Rishub Nagpal,Robert Schilling,David Schrammel,Stefan Mangard

DOI: https://doi.org/10.48550/arXiv.2208.01356

2022-08-02

Abstract:Fault injection (FI) is a powerful attack methodology allowing an adversary to entirely break the security of a target device. As finite-state machines (FSMs) are fundamental hardware building blocks responsible for controlling systems, inducing faults into these controllers enables an adversary to hijack the execution of the integrated circuit. A common defense strategy mitigating these attacks is to manually instantiate FSMs multiple times and detect faults using a majority voting logic. However, as each additional FSM instance only provides security against one additional induced fault, this approach scales poorly in a multi-fault attack scenario. In this paper, we present SCFI: a strong, probabilistic FSM protection mechanism ensuring that control-flow deviations from the intended control-flow are detected even in the presence of multiple faults. At its core, SCFI consists of a hardened next-state function absorbing the execution history as well as the FSM's control signals to derive the next state. When either the absorbed inputs, the state registers, or the function itself are affected by faults, SCFI triggers an error with no detection latency. We integrate SCFI into a synthesis tool capable of automatically hardening arbitrary unprotected FSMs without user interaction and open-source the tool. Our evaluation shows that SCFI provides strong protection guarantees with a better area-time product than FSMs protected using classical redundancy-based approaches. Finally, we formally verify the resilience of the protected state machines using a pre-silicon fault analysis tool.

Cryptography and Security

Fan Zhang,Xinjie Zhao,Wei He,Shivam Bhasin,Shize Guo

DOI: https://doi.org/10.1007/s11432-016-0233-0

2017-01-01

Science China Information Sciences

Abstract:>Fault analysis is a very powerful technique to break cryptographic implementations.In particular,bitlevel fault analysis(BLFA),where faults are injected by flipping one or a few isolated bits,are among the most efficient of the lot.BLFA requires both precise fault injection capabilities and sophisticated key extraction skills.Algebraic fault analysis(AFA)[1]is a good analysis technique for BLFA.Compared with differential fault analysis(DFA),AFA relies on the automation from machine solvers.Since it fully utilizes the leakages

Muhtadi Choudhury,Minyan Gao,Avinash Varna,Elad Peer,Domenic Forte

2024-11-05

Abstract:Finite state machines (FSMs) regulate sequential circuits, including access to sensitive information and privileged CPU states. Courtesy of contemporary research on laser attacks, laser-based fault injection (LFI) is becoming even more precise where an adversary can thwart chip security by altering individual flip-flop (FF) values. Different laser models, e.g., bit flip, bit set, and bit reset, have been developed to appreciate LFI on practical targets. As traditional approaches may incorporate substantial overhead, state-based SPARSE and transition-based TAMED countermeasures were proposed in our prior work to improve FSM resiliency efficiently. TAMED overcame SPARSE's limitation of being too conservative, and generating multiple LFI resilient encodings for contemporary LFI models on demand. SPARSE, however, incorporated design layout information into its vulnerability estimation which makes its vulnerability estimation metric more accurate. In this paper, we extend TAMED by proposing a transition-based encoding CAD framework (TRANSPOSE), that incorporates spatial transitional vulnerability metrics to quantify design susceptibility of FSMs based on both the bit flip model and the set-reset models. TRANSPOSE also incorporates floorplan optimization into its framework to accommodate secure spatial inter-distance of FF-sensitive regions. All TRANSPOSE approaches are demonstrated on 5 multifarious benchmarks and outperform existing FSM encoding schemes/frameworks in terms of security and overhead.

Cryptography and Security

Qiang Liu,Honghui Tang,Peiran Zhang

DOI: https://doi.org/10.1145/3480962

IF: 1.447

2022-01-31

ACM Transactions on Design Automation of Electronic Systems

Abstract:Fault injection attack (FIA) has become a serious threat to the confidentiality and fault tolerance of integrated circuits (ICs). Circuit designers need an effective method to evaluate the countermeasures of the IC designs against the FIAs at the design stage. To address the need, this article, based on FPGA emulation, proposes an in-circuit early evaluation framework, in which FIAs are emulated with parameterized fault models. To mimic FIAs, an efficient scan approach is proposed to inject faults at any time at any circuit nodes, while both the time and area overhead of fault injection are reduced. After the circuit design under test (CUT) is submitted to the framework, the scan chains insertion, fault generation, and fault injection are executed automatically, and the evaluation result of the CUT is generated, making the evaluation a transparent process to the designers. Based on the framework, the confidentiality and fault-tolerance evaluations are demonstrated with an information-based evaluation approach. Experiment results on a set of ISCAS89 benchmark circuits show that on average, our approach reduces the area overhead by 41.08% compared with the full scan approach and by over 20.00% compared with existing approaches. The confidentiality evaluation experiments on AES-128 and DES-56 and the fault-tolerance evaluation experiments on two CNN circuits, a RISC-V core, a Cordic core, and the float point arithmetic units show the effectiveness of the proposed framework.

computer science, software engineering, hardware & architecture

Fan Zhang,Shize Guo,Xinjie Zhao,Tao Wang,Jian Yang,Francois-Xavier Standaert,Dawu Gu

DOI: https://doi.org/10.1109/tifs.2016.2516905

2019-01-01

Abstract:Algebraic fault analysis (AFA), which combines algebraic cryptanalysis with fault attacks, has represented serious threats to the security of lightweight block ciphers. Inspired by an earlier framework for the analysis of side-channel attacks presented at EUROCRYPT 2009, a new generic framework is proposed to analyze and evaluate algebraic fault attacks on lightweight block ciphers. We interpret AFA at three levels: 1) the target; 2) the adversary; and 3) the evaluator. We describe the capability of an adversary in four parts: 1) the fault injector; 2) the fault model describer; 3) the cipher describer; and 4) the machine solver. A formal fault model is provided to cover most of current fault attacks. Different strategies of building optimal equation set are also provided to accelerate the solving process. At the evaluator level, we consider the approximate information metric and the actual security metric. These metrics can be used to guide adversaries, cipher designers, and industrial engineers. To verify the feasibility of the proposed framework, we make a comprehensive study of AFA on an ultra-lightweight block cipher called LBlock. Three scenarios are exploited, which include injecting a fault to encryption, to key scheduling, or modifying the round number or counter. Our best results show that a single fault injection is enough to recover the master key of LBlock within the affordable complexity in each scenario. To verify the generic feature of the proposed framework, we apply AFA to three other block ciphers, i.e., Data Encryption Standard, PRESENT, and Twofish. The results demonstrate that our framework can be used for different ciphers with different structures.

Fan Zhang,Yiran Zhang,Shengwen Shi,Shize Guo,Ziyuan Liang,Samiya Qureshi,Congyuan Xu

DOI: https://doi.org/10.1109/PADSW.2018.8644906

2018-01-01

Abstract:An optimized lightweight Hardware Trojan (HT)based fault attack is proposed, especially for those resource-constrained environments such as IoT networks. Firstly, Algebraic fault analysis (AFA)is introduced to evaluate different fault models and search for the optimal one. Next, considering the limited resource, a lightweight HT is carefully designed which only flips one bit of the circuit in IoT device. Finally, AFA is applied again to exploit the fault and recover the secret key. An illustrative attack is demonstrated on DES implemented on an FPGA platform, SASEBO-GII. This paper shows that, for single bit fault injection at different rounds or different indexes in the same round, the reduced key search space of DES varies. The proposed technique can search for the optimal fault model, guide the lightweight Hardware Trojan design and automatically recover the secret key. Only one fault is required to recover the secret key of DES, which improves the stealthiness of the designed Hardware Trojan in IoT networks. The entire attack framework can also be applied to other block ciphers such as AES and PRESENT.

Jizhong Shen,Liang Geng,Fan Zhang

DOI: https://doi.org/10.1049/el.2017.2415

2017-01-01

Electronics Letters

Abstract:Side-channel analysis (SCA) is a powerful technique to reveal the secrets using detectable physical leakages from logic elements, which brings severe security threats to modern circuits. To alleviate this problem, applying cell-level countermeasure is usually a suitable solution, which is mainly implemented as dual-rail precharge logic. Mace et al. has the proposed dynamic current mode logic (DyCML) scheme as a novel technology to resist SCA, whose power consumption is constant regardless of the data processed. However, the DyCML-based sequential elements are still in blank field. So, we have implemented a novel flip-flop compatible with DyCML, whose enhanced security has been proved by corresponding simulations.

Fan Zhang,Bolin Yang,Shize Guo,Xinjie Zhao,Tao Wang,Francois-Xavier Standaert,Dawu Gu

DOI: https://doi.org/10.1007/978-3-030-11333-9_5

2019-01-01

Abstract:Algebraic fault analysis (AFA), which combines algebraic cryptanalysis with fault attacks, has represented serious threats to the security of lightweight block ciphers. Inspired by an earlier framework for the analysis of side-channel attacks presented at EUROCRYPT 2009, a new generic framework is proposed to analyze and evaluate algebraic fault attacks on lightweight block ciphers. We interpret AFA at three levels: the target, the adversary, and the evaluator. We describe the capability of an adversary in four parts: the fault injector, the fault model describer, the cipher describer, and the machine solver. A formal fault model is provided to cover most of the current fault attacks. Different strategies of building optimal equation set are also provided to accelerate the solving process. At the evaluator level, we consider the approximate information metric and the actual security metric. These metrics can be used to …

Aijiao Cui,Zhen Weng,Hui Zhang,Gang Qu,Huawei Li

DOI: https://doi.org/10.1109/tetc.2022.3148244

2022-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:In the horizontal semiconductor business model, a foundry can tamper or overbuild the integrated circuits (ICs) while the IC owner knows nothing about it. Active IC metering scheme has been proposed to solve this problem by enabling IC owners to uniquely identify each manufactured chip. We propose a new active metering scheme, SATAM. In the scheme, a new cell of switchable scannable flip-flop (WFF) is introduced to be inserted in the non-critical paths or replace some original scan cells. Without a correct key on these WFFs, the synchronization status of the original design is violated and hence the circuit logic is locked (obfuscated). The scan design is also obfuscated by the introduction of WFFs, which helps the locking scheme to resist the typical SAT attack and other existing attacks on logic locking. To enable each fabricated chip to have a unique key to unlock, a via-based physical unclonable function (PUF) is adopted due to its perfect reliability. A new post-processing method is proposed to improve its uniqueness and randomness. Also, we propose to modify the original finite state machine (FSM) so that the PUF response can only be retrieved by the chip designer in a secure way. The experimental results show that the locking scheme based on WFFs can well resist the SAT attack and other existing attacks on logic obfuscation. The PUF design can achieve satisfactory uniqueness and randomness while incurring lower overhead. The FSM-based retrieval scheme can secure the PUF response by slightly modifying the original FSM. The overhead due to the overall metering method is smaller than most of the existing metering methods while it can resist typical attacks.

Amit Mazumder Shuvo,Tao Zhang,Farimah Farahmandi,Mark Tehranipoor

DOI: https://doi.org/10.1109/tvlsi.2024.3378291

2024-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:The ease and inexpensive setup of injecting timing faults in a hardware design make it vulnerable to adversaries, resulting in confidentiality or integrity violations. The state-of-the-art fault-injection attack assessment frameworks do not consider significant timing variations during layout generation from a gate-level design when assessing security threats of timing faults. Additionally, existing mitigation methods focus on higher design abstractions (e.g., register transfer level (RTL) and gate level), resulting in substantial area, power consumption, and latency overhead. To address these limitations, we propose our layout-aware and security property-assisted timing fault-injection attack assessment (FLAT) framework that automatically assesses the feasibility of injecting controlled timing faults into the layout of a design using clock glitches and quantifies its vulnerability concerning security properties. If the design is vulnerable, FLAT modifies the layout to tune the fan-in path delays of the security-critical registers as local countermeasures. Unlike system-wide mitigation approaches, these countermeasures incur minimal overheads at an IP or system-on-chip (SoC) design regarding power, performance, and area while ensuring security against timing faults. To demonstrate the effectiveness of FLAT, we perform security assessments on the postlayout designs of various benchmarks e.g., advanced encryption standard (AES), rivest-shamir-adleman (RSA), and floating-point unit (FPU) by targeting major fault injection attack vectors and deploying local countermeasures. These assessments indicate that the FLAT framework adeptly evaluates each design’s susceptibility to timing faults and implements the countermeasures to mitigate this susceptibility to the desired level.

engineering, electrical & electronic,computer science, hardware & architecture

Nicolás Ruminot,Claudio Estevez,Samuel Montejo-Sánchez

DOI: https://doi.org/10.3390/s23167180

2023-08-15

Abstract:The rapid development of the Internet of Things (IoT) has brought about the processing and storage of sensitive information on resource-constrained devices, which are susceptible to various hardware attacks. Fault injection attacks (FIAs) stand out as one of the most widespread. Particularly, voltage-based FIAs (V-FIAs) have gained popularity due to their non-invasive nature and high effectiveness in inducing faults by pushing the IoT hardware to its operational limits. Improving the security of devices and gaining a comprehensive understanding of their vulnerabilities is of utmost importance. In this study, we present a novel fault injection method and employ it to target an 8-bit AVR microcontroller. We identify the optimal attack parameters by analyzing the detected failures and their trends. A case study is conducted to validate the efficacy of this new method in a more realistic scenario, focusing on a simple authentication method using the determined optimal parameters. This analysis not only demonstrates the feasibility of the V-FIA but also elucidates the primary characteristics of the resulting failures and their propagation in resource-constrained devices. Additionally, we devise a hardware/software countermeasure that can be integrated into any resource-constrained device to thwart such attacks in IoT scenarios.

Yadi Zhong,Ayush Jain,M. Tanjidur Rahman,Navid Asadizanjani,Jiafeng Xie,Ujjwal Guin

DOI: https://doi.org/10.48550/arXiv.2206.04754

2022-10-13

Abstract:The outsourcing of the design and manufacturing of integrated circuits has raised severe concerns about the piracy of Intellectual Properties and illegal overproduction. Logic locking has emerged as an obfuscation technique to protect outsourced chip designs, where the circuit netlist is locked and can only be functional once a secure key is programmed. However, Boolean Satisfiability-based attacks have shown to break logic locking, simultaneously motivating researchers to develop more secure countermeasures. In this paper, we present a novel fault injection attack to break any locking technique that relies on a stored secret key, and denote this attack as AFIA, ATPG-guided Fault Injection Attack. The proposed attack is based on sensitizing a key bit to the primary output while injecting faults at a few other key lines that block the propagation of the targeted key bit. AIFA is very effective in determining a key bit as there exists a stuck-at fault pattern that detects a stuck-at 1 (or stuck-at 0) fault at any key line. The average complexity of number of injected faults for AFIA is linear with the key size and requires only |K| test patterns to determine a secret key, K. AFIA requires a fewer number of injected faults to sensitize a bit to the primary output, compared to 2|K|-1 faults for the differential fault analysis attack [26].

Cryptography and Security

Xi Chen,Zhaojun Lu,Gang Qu,Aijiao Cui

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00208

2018-01-01

Abstract:Testing is essential to isolate good chips from faulty ones. Scan chain, which provides test engineer access to all the flip flops in the chip, is the backbone of industrial testing methods. However, attackers can also leverage the controllability and observability of scan chain as a side channel to break systems such as cryptographic chips. In this paper, we develop a partial scan chain based approach to prevent side channel attacks. The basic idea is to remove the flip flops that store sensitive information from the full scan chain. However, the challenge is how to keep the full test coverage as we demonstrate that using industrial design tools such as traditional partial scan not only fails to provide full fault coverage, but also incurs huge overhead in test time and test vector generation time. We use a novel finite state machine (FSM) structure to deliver secure controllability of the un-chained flip flops to test engineers while using lightweight LFSR and XOR to enable the observability. We conduct experiments to demonstrate that the proposed partial scan, comparing to the full scan, gives full test coverage with reduced test time and does not need to re-generate test vectors.

Xiao-Lei Wang

DOI: https://doi.org/10.1016/j.ins.2021.09.042

IF: 8.1

2021-12-01

Information Sciences

Abstract:This paper is concerned with the design of false data injection attacks (FDIAs) against fault detectors (FD) for linear cyber-physical systems (CPSs). The purpose of the attacker is to design an stealthy attack scheme such that the defenders cannot detect the faults in time or fail to detect the faults, and at the same time the robustness of the CPS is deteriorated. Unlike the existing optimal attack strategies (OASs) that are established based on sufficient conditions, necessary and sufficient conditions (NASCs) are established to maximize the degradation of the FD performance and robustness of CPS while maintaining stealth. Subsequently, an OAS is constructed by solving coupled backward recursive Riccati difference equations (RDEs). Finally, two simulation examples are employed to show the effectiveness of the designed attack scheme.

computer science, information systems

Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/TII.2018.2863256

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider false data injection (FDI) attacks with limited information of transmission-line susceptances and new countermeasures in smart grids. First, we prove that the adversary could launch FDI attacks to modify the state variable on a bus or superbus only if he/she knows the susceptance of every transmission line that is incident to that bus or superbus. Based on this observation, we provide a new countermeasure against FDI attacks, i.e., to make the susceptances of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n-1$</tex-math></inline-formula> interconnected transmission lines that cover all buses unknown to the adversary (e.g., by proactively perturbing transmission-line susceptances through distributed flexible AC transmission system (D-FACTS) devices), where <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n$</tex-math></inline-formula> is the total number of buses. This new countermeasure can work alone or in conjunction with traditional ones to reduce the number of meter measurements/state variables that are to be secured against FDI attacks. The implementation of FDI attacks with limited susceptance information and the effectiveness of new countermeasures are demonstrated by using an illustrative 4-bus power system and the IEEE 9-bus, 14-bus, 30-bus, 118-bus, and 300-bus test power systems.

Chao Wang,Zhongchuan Fu,Hongsong Chen,Gang Cui

DOI: https://doi.org/10.1109/IMCCC.2011.88

2011-01-01

Abstract:With VLSI technology advances and the increasing popularity of COTS components and multi-core processor in space, aviation, and military harsh environment, dependability becomes more attractive to overcome the increasing susceptibility to transient, permanent, and wear-out induced intermittent fault. Fault injection is widely used in dependability evaluation and fault emulation. As compared to physical- and software based fault-injection tool, this paper presents a simulation based Fault Injection tool, namely FSFI, to study high-level propagations of faults and system-level manifestations, especially the underlying causes of fault manifestations, namely Symptoms in this paper. The primary contributions of this paper are as follows. First and foremost, FSFI - A Full System simulator based Fault Injection tool is designed and described in great details. FSFI is based on an open source full system simulator (SAM) and it is heavily modified to support different processor component such as ALU, decoder, integer register files, and AGEN (Address Generation Unit). Additional four modules are added to the FSFI-simulator: Fault Injector, Monitor, Analyzer, and Controller. Second, transient faults are injected into different SPARC processor components, such as ALU, decoder, integer register files, and AGEN to deliberately study fault high level manifestations and propagations from processor component, through SPARC architecture level, hyper visor, OS, to application. Third, the underlying causes of fault manifestations, namely Symptoms, such as fatal trap, high OS, high hyper, and hangs, are captured by FSFI Monitor. The distributions of Symptoms for different components against typical benchmarks are investigated, and the underlying reasons are analyzed in detail. Preliminary experiment results show that FSFI is effective for fault high level propagation and Symptom research, and some of our future work is prospected. © 2011 IEEE.

Jiyuan Bai,Xiang Wang,Zikang Zhang,Chang Cai,Gengsheng Chen

DOI: https://doi.org/10.1109/asicon52560.2021.9620299

2021-01-01

Abstract:Soft error protection schemes are indispensable for high-density computing clusters and mission-important devices in radiation environments. To evaluate different fault protection schemes, system designers need an efficient approach to undertake fault injection campaigns during the design phase. In this paper, we propose an RTL-level soft error model and construct a hierarchical emulation-based fault injection system to achieve fast and accurate soft error rate estimations for the design and fault sensitive investigation of complex digital systems, in which the modifications to the device under test can be minimized with the best efforts. We build this new fault injection system on a Xilinx ZCU102 board. Experimental results show that the new system has achieved an up to 72.75×speedup compared with simulation-based fault injection systems and has only less than one clock cycle delay for fault injection, which is much faster than peer works based on dynamic partial reconfiguration technology.

Mohammad Mehdi Sharifi,Ramin Rajaei,Patsy Cadareanut,Pierre-Emmanuel Gaillardon,Yier Jin,Michael Niemier,X. Sharon Hu

DOI: https://doi.org/10.23919/date48585.2020.9116554

2020-03-01

Abstract:Side-channel attacks (SCAs) represent a significant security threat, and aim to reveal otherwise secret data by analyzing a relevant circuit’s behavior, e.g., its power consumption. While all circuit components are potential power side channels, D-flip-flops (DFFs) are often the primary source of information leakage to an SCA. This paper proposes a DFF design based on the three-independent-gate field-effect transistor (TTGFET) that reduces side-channel vulnerabilities of sequential circuits. Notably, we find that the I-V characteristics of the TIGFET itself leads to inherent side-channel resilience, which in turn enables simpler and more efficient cryptographic hardware. Our proposed design is based on a prior TIGFET-based true single-phase clock (TSPC) DFF design, which offers high performance and reduced area. More specifically, our modified TSPC (mTSPC) design exploits the symmetric I-V characteristics of TIGFETs, which results in pull-up and pull-down currents that are nearly identical. When combined with additional circuit modifications (made possible by the unique characteristics of the TIGFET), the mTSPC circuit draws almost the same amount of supply currents under all possible input transitions (less than 1% variation for different transitions), which can in turn mask information leakage. Using a 10nm TIGFET technology model, simulation results show that the proposed TIGFET-based DFF circuit leads to decreased power consumption (up to 96.9% when compared to the prior secured designs), has a low delay (15.2 ps), and employs only 12 TIGFET devices. Furthermore, an 8-bit S-box whose output is sampled by a group of eight mTSPC DFFs was simulated. A correlation power analysis attack on the simulated S-box with 256 power traces shows that the key is not revealed, which confirms the SCA resiliency of the proposed DFF design.

Aijiao Cui,Chip-Hong Chang,Sofiene Tahar,Amr T. Abdel-Hamid

DOI: https://doi.org/10.1109/tcad.2010.2098131

IF: 2.9

2011-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Finite state machines (FSMs) are the backbone of sequential circuit design. In this paper, a new FSM watermarking scheme is proposed by making the authorship information a non-redundant property of the FSM. To overcome the vulnerability to state removal attack and minimize the design overhead, the watermark bits are seamlessly interwoven into the outputs of the existing and free transitions of state transition graph (STG). Unlike other transition-based STG watermarking, pseudo input variables have been reduced and made functionally indiscernible by the notion of reserved free literal. The assignment of reserved literals is exploited to minimize the overhead of watermarking and make the watermarked FSM fallible upon removal of any pseudo input variable. A direct and convenient detection scheme is also proposed to allow the watermark on the FSM to be publicly detectable. Experimental results on the watermarked circuits from the ISCAS'89 and IWLS'93 benchmark sets show lower or acceptably low overheads with higher tamper resilience and stronger authorship proof in comparison with related watermarking schemes for sequential functions.

Teng LIN,Jianhua FENG,Jianbing ZHAO,Yangyuan WANG

DOI: https://doi.org/10.3321/j.issn:0479-8023.2009.03.006

2009-01-01

Abstract:A novel scheme for application-dependent testing of FPGAs (field_programmable gate arrays) is proposed. This scheme models a design configuration (DC) of an FPGA as a network of LUTs(look-up-tables), non-LUT logic gates, flip-flops and interconnects, and the stuck-at faults on the interconnects (SAFIs) and the functional faults on the used LUTs (FFLs) are targeted. Two alternative types of test configurations (TCs) are proposed to improve the coverage of SAFIs obtained by automatic test pattern generation (ATPG) tools, while TCs under which exhaustive testing can be performed on the used LUTs are used to detect the FFLs. Experimental results show that, for the seven largest ISCAS89 benchmarks, this scheme can obtain the coverage ranging from 86.82% to 99.16% for the SAFIs, and 100% coverage for the FFLs.