Fault attacks inside a loop

Question

I am working on an attack that involves changing a constant inside a loop. Consider the simplified example is as below,

For i=1 to n :
    j=constant;
    for i=1 to n':
        Use J here
        .
        .
    exit for;
exit for;

In my case, I don't want to j to get the correct value of constant.

1. If n is between 60 to 80, how feasible is to mount a fault attack such that j gets 0 (or other small value) instead of the constant?

2. If it is not possible to do it for all iterations, can I make this happen for some iterations? For simplicity, let's assume that all the compiler optimizations are turned off. Or the code is written in assembly to remove any interference from the compiler.

Please let me know if something is not clear or you need more information. Thanks in advance. :-)

EDIT 1: the Constant is not ZERO. But rather a 32 bit value.

EDIT 2: The platform is a microcontroller. Let's say, Cortex-M0 or Cortex-M4

Answer 1

This is rather implementation dependent.

If this is compiled code (and even slightly optimized), I would expect the compiler to perform 'constant propagation'; that is, it would notice that j always has the value of zero, and so remove j (and effectively replace all instances with 0); of course, those 0's would be subject to even more optimizations (for example, a statement of t := t + j may end up being omitted entirely).

If this is interpreted code, well, it might be possible (albeit unlikely); the interpreter would most likely place a 0 in the place where the current 'j' value resides; you might be able to disrupt that write and have it write another value (without disrupting anything else the interpreter is doing); I can't think that'd happen that often.

If it's JIT (just in time compiled) code, well, it's even more complex; you might disrupt the compilation process (that is, when the JIT compiler reads it, it reads something other than j = 0, and compiles it accordingly), or you might disrupt the execution process (which, depending on how much the JIT compiler tries to optimize, might look like either of the above two cases).

However, even at the best, I would be skeptical about the practicality of introducing a fault that has the sole affect of modifying j, and has no other changes.