Transducer Sensors Suffer Security Risks Based on Physics, Not Malware

By Special Guest
Justin Jett, Director of Audit and Compliance, Plixer
February 09, 2018

The Internet of Things (IoT) is comprised of a massive and rapidly growing number of devices connected to the Internet. These devices include things like household appliances, thermostats, manufacturing robots, cameras, automobiles, biochip transponders and many others. Among these devices are sensors called transducers.

Transducers gather data from the physical world, such as light, sound, vibration, heat, and pressure, and convert that information into electrical impulses. Software interprets these electrical impulses to make sense of the data. Recent research conducted by Kevin Fu from the University of Michigan and Wenyuan Xu from Zhejiang University has revealed that transducers are inherently vulnerable to attacks based on physics, not malware.

Physical manipulation can be used to trick transducers into reporting environmental data that is inaccurate. Ambient sound can be used to trick voice recognition sensors. Electromagnetic waves can be used to dupe transducers into inaccurately reporting temperature.

Although the term “transduction attacks” was recently coined by Fu and Xu, these attack surfaces aren’t new. In March of 2017, scientists from Israel demonstrated how a flatbed scanner could be used to gain access to an air-gapped network (like the ones often found in government and military environments). In this case, lasers and smart lightbulbs were used to communicate with the optical sensor of a flatbed scanner.

The attack demonstrated that by altering the physical input, in this case light, you could trick the sensor into behaving differently from the way it was intended to. Imagine the implication of tricking sensors used in hospitals to measure refrigerator temperatures where medications and specimens are stored. In hospitals or other healthcare environments, refrigeration unit temperatures could be increased, ruining lifesaving medication and destroying medical samples waiting for diagnosis.

In the automobile industry, consider the safety implications. Sensors measuring vehicle acceleration/deceleration for the purposes of airbag deployment could be altered. Airbags could be triggered to go off, even though there was no accident. Sensors measuring the distance of objects could be tricked into causing the vehicle to brake hard while driving at full speed, or fail to brake, causing a collision.

In critical infrastructure, transducers measuring the temperature of data centers or other critical infrastructure could be altered, causing damage to server farms or the failure of public utility systems.

The more our modern world relies on IoT devices and transducers for safety systems, process automation and general data gathering, the more at risk we are from these transducer attacks.

Manufacturers that build transducers should take a system-centric approach to security. This means that they need to ensure the validity of the input data being received through a defense-in-depth approach. Installing additional sensors that look for the types of environmental variations used to trick the system could provide an extra layer of protection against such attacks. With these complementary sensors, operating systems or computer software could be used to mitigate false data inputs. In this manner, the attack could be thwarted.
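To make the idea of complementary sensors concrete, here is an added example (not from the research or from any vendor) of software that validates a refrigerator temperature reading against independent witness sensors, a guard sensor for electromagnetic interference, and a physical rate-of-change limit. The thresholds, names and sample readings are all assumptions constructed for illustration.

```python
from statistics import median

# Thresholds are assumed values for a hypothetical medication refrigerator.
EMI_LIMIT = 0.5          # guard-sensor field strength, arbitrary units
AGREE_TOL_C = 1.0        # max allowed difference between sensors, deg C
MAX_RATE_C_PER_S = 0.05  # fastest change the enclosure can physically make


def validate_reading(primary_c, witnesses_c, emi_level, last_trusted_c, dt_s):
    """Return (value_to_act_on, flags) for one sample from the primary sensor."""
    flags = []
    consensus = median(witnesses_c)
    max_step = MAX_RATE_C_PER_S * dt_s

    # Guard sensor: is the interference used to spoof the primary present?
    if emi_level > EMI_LIMIT:
        flags.append("interference_detected")
    # Cross-check: does the primary agree with the independent sensors?
    if abs(primary_c - consensus) > AGREE_TOL_C:
        flags.append("sensor_disagreement")
    # Physics check: could the temperature really have moved this fast?
    if abs(primary_c - last_trusted_c) > max_step:
        flags.append("implausible_rate")

    if not flags:
        return primary_c, flags
    # Primary is suspect. Use the witnesses only if they agree with each
    # other and are themselves plausible; otherwise hold the last good value.
    spread_ok = max(witnesses_c) - min(witnesses_c) <= AGREE_TOL_C
    rate_ok = abs(consensus - last_trusted_c) <= max_step
    if spread_ok and rate_ok:
        return consensus, flags
    flags.append("holding_last_trusted")
    return last_trusted_c, flags


# Constructed samples: (primary, witnesses, emi_level, seconds since last sample)
SAMPLES = [
    (4.1, [4.0, 4.2], 0.1, 10),   # normal operation
    (-3.0, [4.1, 4.2], 0.9, 10),  # primary driven low while interference is present
    (4.2, [9.0, 4.1], 0.1, 10),   # witnesses disagree with each other
]


def run(samples, start_c=4.0):
    trusted, results = start_c, []
    for primary, witnesses, emi, dt in samples:
        trusted, flags = validate_reading(primary, witnesses, emi, trusted, dt)
        results.append((trusted, flags))
    return results
```

Any non-empty flag list is also worth logging and alerting on, since it records that the sensors were being manipulated or had failed even when the controller kept operating on a safe value.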

About the Author: Justin Jett is Director of Audit and Compliance at Plixer with roles ranging from system administration of web services to technical product marketing for Plixer’s incident response system, Scrutinizer. Justin, a graduate of the University of Maine at Farmington, is an avid learner of all things security, with a particular interest in TLS and DNS attacks.

Edited by Ken Briodagh
