Transducer Sensors Suffer Security Risks Based on Physics, Not Malware

By Special Guest
Justin Jett, Director of Audit and Compliance, Plixer
February 09, 2018

The Internet of Things (IoT) comprises a massive and rapidly growing number of devices connected to the Internet. These devices include household appliances, thermostats, manufacturing robots, cameras, automobiles, biochip transponders and many others. Among these devices are sensors called transducers.

Transducers gather data from the physical world, such as light, sound, vibration, heat, and pressure, and convert that information into electrical impulses. Software interprets these electrical impulses to make sense of the data. Recent research conducted by Kevin Fu from the University of Michigan and Wenyuan Xu from Zhejiang University has revealed that transducers are inherently vulnerable to attacks based on physics, not malware.

Physical manipulation can be used to trick transducers into reporting environmental data that is inaccurate. Ambient sound can be used to trick voice recognition sensors. Electromagnetic waves can be used to dupe transducers into inaccurately reporting temperature.

Although the term “transduction attacks” was recently coined by Fu and Xu, these attack surfaces aren’t new. In March of 2017, scientists from Israel demonstrated how a flatbed scanner could be used to gain access to an air-gapped network (like the ones often found in government and military environments). In this case, lasers and smart lightbulbs were used to communicate with the optical sensor of a flatbed scanner.

The attack demonstrated that by altering the input of physical data, in this case light, you could trick the sensor into behaving differently from how it was intended to behave. Imagine the implication of tricking sensors used in hospitals to measure refrigerator temperatures where medications and specimens are stored. In hospitals or other healthcare environments, refrigeration unit temperatures could be increased, ruining lifesaving medication and destroying medical samples waiting for diagnosis.

In the automobile industry, consider the safety implications. Sensors measuring vehicle acceleration/deceleration for the purposes of airbag deployment could be altered. Airbags could be triggered to go off, even though there was no accident. Sensors measuring the distance of objects could be tricked into causing the vehicle to brake hard while driving at full speed, or fail to brake, causing a collision.

In critical infrastructure, transducers measuring the temperature of data centers or other critical infrastructure could be altered, causing damage to server farms or the failure of public utility systems.

The more our modern world relies on IoT devices and transducers for safety systems, process automation and general data gathering, the more at risk we are from these transducer attacks.

Manufacturers that build transducers should take a system-centric approach to security. This means that they need to ensure the validity of input data being received through a defense-in-depth approach. Installing additional sensors that look for the types of environmental variations used to trick the system could provide an extra layer of protection against such attacks. With these complementary sensors, operating systems or computer software could be used to mitigate false data inputs. In this manner, the attack could be thwarted.
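
One way software could use complementary sensors to reject false inputs, as an added example that is not from the article or the cited research. It assumes a refrigerator with a primary and a backup temperature probe plus a hypothetical interference monitor; all names, thresholds and sample readings are constructed for illustration.

```python
from dataclasses import dataclass

# Illustrative limits for a medication refrigerator; every value is an assumption.
MAX_DISAGREEMENT_C = 1.5  # allowed gap between primary and backup probes
MAX_RATE_C_PER_S = 0.2    # fastest change treated as physically plausible
EMI_ALARM_LEVEL = 0.8     # normalised output of a hypothetical field monitor

@dataclass
class Sample:
    t: float          # seconds since start
    primary_c: float  # probe the controller normally trusts
    backup_c: float   # complementary probe of a different type or location
    emi_level: float  # complementary sensor watching for the attack medium

def validate(samples):
    """Return (t, accepted_temp_or_None, reason) for each sample, in order."""
    results, last_good = [], None
    for s in samples:
        reason = "ok"
        if s.emi_level >= EMI_ALARM_LEVEL:
            reason = "interference detected"
        elif abs(s.primary_c - s.backup_c) > MAX_DISAGREEMENT_C:
            reason = "sensors disagree"
        elif last_good is not None:
            dt = s.t - last_good[0]
            rate_ok = dt > 0 and abs(s.primary_c - last_good[1]) / dt <= MAX_RATE_C_PER_S
            if not rate_ok:
                reason = "implausible rate of change"
        if reason == "ok":
            last_good = (s.t, s.primary_c)
        # Rejected readings yield None so the controller holds state and alerts
        # instead of acting on data that may have been injected.
        results.append((s.t, s.primary_c if reason == "ok" else None, reason))
    return results

# Constructed readings, not measurements from any real device.
SAMPLES = [
    Sample(0, 4.0, 4.1, 0.1),
    Sample(10, 4.2, 4.0, 0.1),
    Sample(20, 4.1, 4.2, 0.9),    # field monitor alarms
    Sample(30, 1.0, 4.1, 0.2),    # primary probe pulled low, backup steady
    Sample(40, 12.0, 11.8, 0.1),  # both probes jump faster than a fridge can warm
    Sample(50, 4.3, 4.2, 0.1),
]

if __name__ == "__main__":
    for row in validate(SAMPLES):
        print(row)
```

Each layer catches a case the others miss: the interference monitor flags the attack medium itself, the backup probe catches a single manipulated sensor, and the rate limit catches both probes being shifted together.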

About the Author: Justin Jett is Director of Audit and Compliance at Plixer with roles ranging from system administration of web services to technical product marketing for Plixer’s incident response system, Scrutinizer. Justin, a graduate of the University of Maine at Farmington, is an avid learner of all things security, with a particular interest in TLS and DNS attacks.

Edited by Ken Briodagh
