2nd Annual Embedded Security Workshop

The mission of the Cybersecurity Assurance and Policy (CAP) Center at Morgan State University is to provide the defense and intelligence community with the knowledge, methodology, solutions, and highly skilled cybersecurity professionals to mitigate penetration and manipulation of our nation’s cyber-physical infrastructure. The Internet of Things (IoT) permeates all areas of life and work, with unprecedented economic effects. The IoT is a network of dedicated physical objects (things) whose embedded system technology senses or interacts with its internal state or external environment. Embedded systems perform dedicated functions within larger mechanical or electrical systems. Critical infrastructures in transportation, smart grid, manufacturing, and health care, etc. are highly dependent on embedded systems for distributed control, tracking, and data collection. While it is paramount to protect these systems from hacking, intrusion, and physical tampering, current solutions rely on a patchwork of legacy systems, and this is unsustainable as a long-term solution. Transformative solutions are required to protect these systems. In this talk, we will present our current research that addresses security vulnerabilities in IoT ecosystems to provide secure, resilient, and robust operation.

Data privacy and cybersecurity should both be seriously considered for all devices that interact with our patients. Patient data privacy is a key tenet of HIPAA, but data acquired by devices outside the medical record may not be protected. Implanted neuromodulation devices for movement disorders, epilepsy, and pain are able to track and record data, which can then be downloaded to hospital, office or manufacturer sites for review. These data can be collected and stored indefinitely, allowing for retrospective analysis, which as our understanding of neurophysiology improves, will lead to new and unforeseen insights. For example, brainwave data collected for seizure mapping served as the basis for understanding neurophysiology of vision, ultimately contributing to developing of a new neuromodulation device to enable sight. What today might seem like unparsable noise may be the key to a breakthrough as our neuroscience knowledge and artificial intelligence and machine learning capabilities improve. As with collection and recording from external devices, there are serious concerns about the privacy of date collected from implanted devices. There is little education of patients and clinicians about data collection and its use and possible misuse, and these considerations are rarely part of informed consent discussions. There is no business relationship between the patient and the manufacturer of their device, no statement of Terms of Service, nor discussion of how patients might opt out of data collection. Until policies are clearer, clinicians and patients must rely on the good will, morality or ethical code of manufacturers to preserve data privacy.

During the now-ended performance boom, microprocessor performance optimizations brought enormous economic benefits that vastly exceeded the costs of insecurity. As CPU improvements stalled out, security costs continued to scale exponentially. As a result, we are now at the beginning of a starkly different era characterized by staggering insecurity costs and modest performance gains. This talk explores the technical and business implications of a world where security risk is the dominant issue, while performance merely needs to be good enough. Architectures will increasingly need to address messy real-world problems, such as side channels and fault attacks. Likewise, security models need to reflect realistic assumptions about the fallibility of the humans who architect, implement, test, and administer systems. Ultimately, changing constraints present a major challenge for previously-dominant companies while creating enormous opportunities for entrepreneurs.

This talk will consider attacks in three domains against safety critical systems: 1) in vision-based object classification systems imaging sensors perceive the environment and machine learning is then used to detect and classify objects for decision-making purposes; e.g., to maneuver an automated vehicle around an obstacle or to raise an alarm to indicate the presence of an intruder in surveillance settings. We will discuss how the perception domain can be remotely and unobtrusively exploited to enable an attacker to create spurious objects or alter an existing object. 2) Extremely fast charging (XFC), whereby electric vehicles (EV) can be quickly recharged in the time frame it takes to refuel an internal combustion engine, has been proposed to alleviate range anxiety in EVs. A critical component of these chargers is the efficient and proper operation of power converters that convert AC to DC power and otherwise regulate power delivery to vehicles. We will demonstrate that, with relatively low power levels, an adversary is able to manipulate the voltage and current sensor outputs necessary to ensure the proper operation of the converters, to catastrophic effect. 3) Traffic Collision Avoidance Systems (TCAS) are safety-critical systems required on most commercial aircrafts in service today. We'll examine TCAS from an adversarial perspective with the goal of inducing near mid-air collisions between current day TCAS-equipped aircraft.

Sensors are essential components of sensing-and-actuation system such as drones, self-driving cars, medical devices and smoke detectors. Active sensors are designed to collect physical information about remote objects. In this talk, I will talk about security of active sensors such as lidars and camera sensors for self-driving cars, drop sensors for infusion pumps and optical beam smoke detector (OBSD) installed in critical infrastructure such as government buildings, airports and museums. Then, I'll conclude my talk with a few design considerations for future sensor designers.

Perception plays a pivotal role in autonomous driving systems, which utilizes onboard sensors like cameras and LiDARs(Light Detection and Ranging) to assess surroundings. Recent studies have demonstrated that LiDAR-based perception is vulnerable to spoofing attacks, in which adversaries spoof a fake vehicle in front of a victim self-driving car by strategically transmitting laser signals to the victim’s LiDAR sensor. However, existing attacks suffer from effectiveness and generality limitations. In this work, we perform the first study to explore the general vulnerability of current LiDAR-based perception architectures and discover that the ignored occlusion patterns in LiDAR point clouds make self-driving cars vulnerable to spoofing attacks. We construct the first black-box spoofing attack based on our identified vulnerability, which universally achieves around 80% mean success rates on all target models. We perform the first defense study, proposing CARLO to mitigate LiDAR spoofing attacks. CARLO detects spoofed data by treating ignored occlusion patterns as invariant physical features, which reduces the mean attack success rate to 5.5%. Meanwhile, we take the first step towards exploring a general architecture for robust LiDAR-based perception, and propose SVF that embeds the neglected physical features into end-to-end learning. SVF further reduces the mean attack success rate to around 2.3%.

Although RFID has been widely known for its impact on supply chain and inventory management, two of the most exciting applications from a privacy perspective are in: 1) transportation payment systems and 2) implantable medical devices. This talk presents recent research in both areas, drawing parallels but making important distinctions between the two applications. Both projects involve broad international collaborations due to the large number of technical disciplines involved, as well as varying legal and societal dimensions across different cultures. Transportation payment systems have the ability to divulge user location and hence travel habits. However they also facilitate sophisticated dynamic fare schemes and optimization of the transportation system. Implantable medical devices contain extremely private information about personal health and habits, as well as enabling tracking and other privacy concerns. However, the ability to wirelessly access implanted devices provides enormous health and cost benefits Both topics raise interesting cross-disciplinary issues in economics, threat models, and ethics as well as more technical aspects of security engineering This talk will review engineering solutions to both of these domains, including low-power cryptography, physical unclonable functions, and prototyping techniques.

The integrated circuits (ICs) that underpin modern society are produced, distributed, and deployed in a manner that leaves them vulnerable to counterfeiting and other supply chain threats. Counterfeit chips are primarily recycled, test rejects, or legitimate but regraded parts, and have to date been found in a number of systems, including defense systems. In this talk, I will present COUNTERFOIL – a practical anti-counterfeiting system based on enrolling and authenticating intrinsic features of the molded packages that enclose most ICs sold on the market. Our approach relies on computer-readable labels, inexpensive cameras, image processing using OpenCV, and digital signatures, to enroll and verify provenance of chip packages. I will also discuss in the talk some of our earlier work in the broader field of IC fingerprinting, in which manufacturing variations of semiconductor devices are used as a mechanism for establishing trust.

It has been known that laser illumination on a microcontroller causes the photoelectric effect inside the circuit, which results in computational errors. Attackers have exploited this effect to attack cryptographic modules, and a countermeasure is mandatory for particular products such as smartcards. I will talk about two research topics related to the laser injection attack. The first is its application to attacking sensors: we recently discovered that we could inject arbitrary signal to a microphone by illuminating it with a modulated laser, which results in a silent voice-command injection attack on smart speakers. The second is the sensor-based countermeasure against the laser injection attack: we developed an on-chip sensor that can be integrated into digital circuits and detects laser illumination in place.