About the SPQR Group
The SPQR Group at the University of Michigan works broadly on research problems pertaining to embedded security. We explore the research frontiers of computer science, electrical and computer engineering, and healthcare. Our latest projects examine how to protect analog sensors from intentional electromagnetic, acoustic interference, and light injection.
Recent Projects
(View more in our Project page )
SoK: Formalizing Analog Sensor Security
Over the last six years, several papers demonstrated how intentional analog interference based on acoustics, RF, lasers, and other physical modalities could induce faults, influence, or even control the output of sensors. Damage to the availability and integrity of sensor output carries significant risks to safety-critical systems that make automated decisions based on trusted sensor measurement. Established signal processing models use transfer functions to express...
Light Commands
Light Commands is a vulnerability of MEMS microphones that allows attackers to remotely inject inaudible and invisible commands into voice assistants, such as Google assistant, Amazon Alexa, Facebook Portal, and Apple Siri using light. In our paper we demonstrate this effect, successfully using light to inject malicious commands into several voice controlled devices such as smart speakers, tablets, and phones across large distances and through glass windows.
Trick or Heat?
Temperature sensing and control systems are widely used in the closed-loop control of critical processes such as maintaining the thermal stability of patients, or in alarm systems for detecting temperature-related hazards. However, the security of these systems has yet to be completely explored, leaving potential attack surfaces that can be exploited to take control over critical systems...
Good Reads
- Grand Challenges for Embedded Security Research in a Connected World
- PyCRA
- On Cuba, Diplomats, Ultrasound, and Intermodulation Distortion
- Pacemaker Recall Exposes National Need for Research and Education in Embedded Security
- The New York Times - It's Possible to Hack a Phone With Sound Waves, Researchers Show
Related Initiatives
- NSF Frontiers Trustworthy Health and Wellness project (THAW)
- Archimedes Center for Medical Device Security
- Protecting Automotive Analog Sensor Security (PASS)
- Strategic Healthcare IT Advanced Research Projects on Security (SHARPS)