Investigating the Vulnerability of Cyber-Physical Systems to Side Channel Attacks

Researcher(s)

  • Brandon Bauer, Electrical Engineering, University of Delaware

Faculty Mentor(s)

  • Nektarios Tsoutsos, Electrical Engineering, University of Delaware

Abstract

Computers and embedded IoT devices are now part of everyday life across home, school, and industrial settings. News and media coverage shows that these devices are under scrutiny for how well they preserve our privacy and information; cybersecurity is therefore of utmost importance in our increasingly technology-enhanced lives. Side-channel attacks (SCAs) are a special class of powerful and hard-to-detect attacks. SCAs take advantage of passive channels of information emitted by devices. These attacks apply to a broad range of devices, including cyber-physical systems (CPS), which combine a physical component with digital control.

For my research project this summer, I investigated different classes of SCAs for cyber-physical systems and developed challenges for an educational competition that will take place this fall during the 2023 CSAW event. In particular, I investigated audio, vibration, and power SCAs and analyzed how these channels can be exploited to leak sensitive information in the context of a point-of-access control system. After learning and identifying several modern SCAs, I developed 4 challenges targeting an Arduino Uno-based point-of-entry system. The first challenge exploits an acoustic side channel where each key produces a different tone when pressed. The second challenge exploits haptic feedback from the point-of-entry system to allow the attacker to gain information about the PIN. The third challenge allows the user to hear the system actuate “locks” in the background as one enters a PIN. Finally, the fourth challenge allows an attacker to probe a seven-segment display and learn how power consumed by the display corresponds to the secret PIN. For this system, I developed a custom printed circuit board that houses multiple sensors and actuators and allows easy assembly of the system. Each challenge uses its own code and focuses on exploiting a single SCA to allow competitors to develop attacks and propose solutions.
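
To make the fourth challenge's leak concrete from a designer's point of view, the following added example (not code from the project) measures how much of a PIN a seven-segment display gives away and how much a countermeasure recovers. It assumes the display's current draw tracks the number of lit segments and that PIN digits are uniformly random; the masked-entry glyph table is a hypothetical mitigation, not one the abstract describes.

```python
import math
from collections import defaultdict

# Standard seven-segment glyphs (segments a-g) for the digits 0-9.
SEGMENTS = {
    "0": "abcdef", "1": "bc", "2": "abdeg", "3": "abcdg", "4": "bcfg",
    "5": "acdfg", "6": "acdefg", "7": "abc", "8": "abcdefg", "9": "abcdfg",
}

# Hypothetical mitigation: masked entry shows the same glyph (a dash,
# segment g only) for every keypress, so the draw no longer depends on the digit.
MASKED = {digit: "g" for digit in SEGMENTS}


def leak_classes(glyphs):
    """Group digits by lit-segment count, the quantity assumed to set the draw."""
    classes = defaultdict(list)
    for digit, segs in glyphs.items():
        classes[len(segs)].append(digit)
    return dict(classes)


def leaked_bits_per_digit(glyphs):
    """Mutual information between a uniform digit and its observed segment count."""
    n = len(glyphs)
    remaining = sum(len(c) / n * math.log2(len(c))
                    for c in leak_classes(glyphs).values())
    return math.log2(n) - remaining


def candidates(pin, glyphs):
    """Count the PINs that produce the same per-digit segment counts as `pin`."""
    classes = leak_classes(glyphs)
    total = 1
    for digit in pin:
        total *= len(classes[len(glyphs[digit])])
    return total


if __name__ == "__main__":
    # Constructed sample PINs, chosen to show the best and worst cases.
    for name, table in (("plain display", SEGMENTS), ("masked entry", MASKED)):
        print(f"{name}: {leaked_bits_per_digit(table):.3f} bits leaked per digit")
        for pin in ("1748", "2359"):
            print(f"  PIN {pin}: {candidates(pin, table)} of 10000 candidates remain")
```

Under these assumptions the plain display leaks about 2.37 of the 3.32 bits in each digit, while a digit-independent glyph leaks none.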