Autonoma fordon - Dess funktion, möjligheter och risker / Autonomous vehicles - its function, possibilities and risks

Khoogar, Alireza

January 2018

Dagens samhälle är starkt beroende av ett flertal kritiska infrastrukturer varav elproduktion, telekommunikationssystem och transportsystem är några. Dessa kritiska infrastrukturer är mycket hopflätade och internt beroende av varandra. De är alla mer eller mindre sårbara och riskerar att förlora delar eller hela deras funktionalitet. Samhället har som mål att skydda all sin kritiska infrastruktur på bästa sätt mot möjliga hot och försöker minimera risken för negativa händelser. Det som ständigt bör eftersträvas är bättre metoder för att kvantifiera och i förlängningen hantera dessa risker. I ett samhälle som är stark beroende av elektroniska system kan det finnas antagonister som har till avsikt att med hjälp av elektromagnetiska störning slå ut eller begränsa funktioner i infrastrukturen. Detta gör exempelvis autonoma fordon sårbara om inga säkerhetsåtgärder vidtas. Det innebär att risknivåer och acceptabla risker i samband med autonoma fordon behöver identifieras och fastställas. Syftet med detta examensarbete är att beskriva vad ett autonomt fordon är, identifiera vilka risker det finns samt hur stor påverkan dessa risker har på autonoma fordon vid en IEMI-attack. Examensarbetet omfattar en bakgrundsstudie som behandlar hur autonoma fordon fungerar, samt vilka tänkbara risker avsiktlig elektromagnetiska störningar kan visa för autonoma fordon. Resultatet från examensarbetet visar att de komponenter som misstänks vara utsatt för elektromagnetisk störning bör genomgå en riskanalys. Detta för att validera risken samt den elektromagnetiska störningens konsekvenser. / Today's society is heavily dependent on a number of critical infrastructures, of which electricity generation, telecommunications systems and transport systems are few. These critical infrastructures are highly interlinked and interdependent. They are all more or less vulnerable and risk losing parts or their entire functionality. The society's goal is to safeguard all critical infrastructure in the best possible way against possible threats and try to minimize the risk of fallout. What is constantly being sought is better methods of quantifying and managing these risks in the long run. The risks are linked to verified risk levels that deal with an acceptance limit. In a society that is highly dependent on electronic systems, there may also be antagonists who intend to disable or limit functions in the infrastructure by means of electromagnetic interference. This makes for example autonomous vehicles vulnerable if no safety measures are taken. This means that risk levels and acceptable risks associated with autonomous vehicles need to be identified and established. The purpose of this study is to describe what an autonomous vehicle is, identify what risks there are and how much impact these risks have on autonomous vehicles. The following thesis work includes a background study that deals with the functioning of autonomous vehicles, and what possible risks involve intentional electromagnetic interference for autonomous vehicles? The result of the study indicates that all components suspected of being exposed to electromagnetic interference should undergo a risk analysis. This to validate the risk and its consequence.

Autonomous vehicles

IEMI

risk analysis

Autonoma fordon

IEMI

riskanalys

Engineering and Technology

Teknik och teknologier

Electromagnetic Interference Attacks on Cyber-Physical Systems: Theory, Demonstration, and Defense

Dayanikli, Gokcen Yilmaz

27 August 2021

A cyber-physical system (CPS) is a complex integration of hardware and software components to perform well-defined tasks. Up to this point, many software-based attacks targeting the network and computation layers have been reported by the researchers. However, the physical layer attacks that utilize natural phenomena (e.g., electromagnetic waves) to manipulate safety-critic signals such as analog sensor outputs, digital data, and actuation signals have recently taken the attention. The purpose of this dissertation is to detect the weaknesses of cyber-physical systems against low-power Intentional Electromagnetic Interference (IEMI) attacks and provide hardware-level countermeasures. Actuators are irreplaceable components of electronic systems that control the physically moving sections, e.g., servo motors that control robot arms. In Chapter 2, the potential effects of IEMI attacks on actuation control are presented. Pulse Width Modulation (PWM) signal, which is the industry–standard for actuation control, is observed to be vulnerable to IEMI with specific frequency and modulated–waveforms. Additionally, an advanced attacker with limited information about the victim can prevent the actuation, e.g., stop the rotation of a DC or servo motor. For some specific actuator models, the attacker can even take the control of the actuators and consequently the motion of the CPS, e.g., the flight trajectory of a UAV. The attacks are demonstrated on a fixed-wing unmanned aerial vehicle (UAV) during varying flight scenarios, and it is observed that the attacker can block or take control of the flight surfaces (e.g., aileron) which results in a crash of the UAV or a controllable change in its trajectory, respectively. Serial communication protocols such as UART or SPI are widely employed in electronic systems to establish communication between peripherals (e.g., sensors) and controllers. It is observed that an adversary with the reported three-phase attack mechanism can replace the original victim data with the 'desired' false data. In the detection phase, the attacker listens to the EM leakage of the victim system. In the signal processing phase, the exact timing of the victim data is determined from the victim EM leakage, and in the transmission phase, the radiated attack waveform replaces the original data with the 'desired' false data. The attack waveform is a narrowband signal at the victim baud rate, and in a proof–of–concept demonstration, the attacks are observed to be over 98% effective at inducing a desired bit sequence into pseudorandom UART frames. Countermeasures such as twisted cables are discussed and experimentally validated in high-IEMI scenarios. In Chapter 4, a state-of-art electrical vehicle (EV) charger is assessed in IEMI attack scenarios, and it is observed that an attacker can use low–cost RF components to inject false current or voltage sensor readings into the system. The manipulated sensor data results in a drastic increase in the current supplied to the EV which can easily result in physical damage due to thermal runaway of the batteries. The current switches, which control the output current of the EV charger, can be controlled (i.e., turned on) by relatively high–power IEMI, which gives the attacker direct control of the current supplied to the EV. The attacks on UAVs, communication systems, and EV chargers show that additional hardware countermeasures should be added to the state-of-art system design to alleviate the effect of IEMI attacks. The fiber-optic transmission and low-frequency magnetic field shielding can be used to transmit 'significant signals' or PCB-level countermeasures can be utilized which are reported in Chapter 5. / Doctor of Philosophy / The secure operation of an electronic system depends on the integrity of the signals transmitted from/to components like sensors, actuators, and controllers. Adversaries frequently aim to block or manipulate the information carried in sensor and actuation signals to disrupt the operation of the victim system with physical phenomena, e.g., infrared light or acoustic waves. In this dissertation, it is shown that low-power electromagnetic (EM) waves, with specific frequency and form devised for the victim system, can be utilized as an attack tool to disrupt, and, in some scenarios, control the operation of the system; moreover, it is shown that these attacks can be mitigated with hardware-level countermeasures. In Chapter 2, the attacks are applied to electric motors on an unmanned aerial vehicle (UAV), and it is observed that an attacker can block (i.e., crash of the UAV) or control the UAV motion with EM waves. In Chapter 3, it is shown that digital communication systems are not resilient against intentional electromagnetic interference (IEMI), either. Low–power EM waves can be utilized by attackers to replace the data in serial communication systems with a success rate %98 or more. In Chapter 4, the attacks are applied to the sensors and actuators of electric vehicle chargers with low–cost over–the–shelf amplifiers and antennas, and it is shown that EM interference attacks can manipulate the sensor data and boosts the current supplied to the EV, which can result in overheating and fire. To ensure secure electronic system operation, hardware–level defense mechanisms are discussed and validated with analytical solutions, simulations, and experiments.

Cyber-Physical System Security

Electromagnetic Attacks

Signal Integrity

Contribution à l'analyse de la susceptibilité électromagnétique des composants : Caractérisation et modélisation des étages d'entrée des circuits intégrés numériques / Contribution to the electromagnetic susceptibility analysis of components : Characterization and modeling of input stages of digital integrated circuits

Kane, Ibrahim

21 December 2016

La prolifération des composants électroniques fait que l'étude de leur vulnérabilité face à des agressions électromagnétiques intentionnelles ou non devient de plus en plus préoccupante. Notre étude s'inscrit dans ce contexte et s'oriente plus particulièrement vers les composants numériques. Ces derniers incorporent généralement, à toutes leurs interfaces d'entrée et de sortie, des éléments de protection contre les décharges électrostatiques permettant d'éliminer tout signal se présentant avec une amplitude élevée. Cependant, les signaux perturbateurs peuvent avoir des amplitudes moindres mais des formes d'onde complexes et capables de causer des dysfonctionnements à ces composants numériques sans activer les protections. Dans ce cas, les étages d'entrée se retrouvent au premier plan et leur comportement face à ces signaux perturbateurs peut altérer la fonctionnalité globale du circuit. Ainsi, nous nous sommes proposés d'étudier et de modéliser les comportements de ces étages d'entrée face à ces types d'agressions. Une première étape a consisté à définir une plateforme d'expérimentation pour les composants numériques. Une sélection des types de composants de test a d'abord été effectuée et le choix s'est porté naturellement sur l'inverseur CMOS, car il est présent sur la quasi-totalité des étages d'entrée, et sa structure est simple et connue. Le choix de cette technologie est également dicté par sa simplicité et son omniprésence dans les équipements électroniques actuels. Différents types de signaux perturbateurs ont été appliqués à ces inverseurs CMOS afin d'observer et de relever leurs comportements typiques et particuliers. Ensuite, à partir des résultats expérimentaux, un modèle SPICE comportemental et générique des inverseurs CMOS a été créé. Différents types de modèles de composants numériques existent mais le type SPICE est le seul à expliciter leur architecture complète. En effet, pour des raisons liées aux propriétés intellectuelles, les fabricants sont généralement discrets sur les structures internes de leurs circuits intégrés. Par contre, ces modèles SPICE ne sont à priori valables que dans des limites de fonctionnement définis par les fabricants. Nous avons apporté diverses modifications à ce modèle afin d'incorporer les comportements observés en dehors des limites de fonctionnement des inverseurs CMOS. Le besoin de trouver un modèle générique a imposé d'étudier un grand nombre d'échantillons d'inverseurs CMOS de différents fabricants et de différentes familles technologies. Enfin, une synthèse des résultats de simulations et des modèles, en fonction des fabricants et des familles technologiques, a été réalisée sous forme d'un tableau récapitulatif. / The proliferation of electronic components increases the interest of investigations about their vulnerability against electromagnetic interference intentionally emitted or not. Our study falls in this context and is specifically devoted to digital devices. These devices usually include, at their input/output ports, protection elements to prevent against electrostatic discharges and all kind of signals with very high amplitude. However, the perturbating signals can have low amplitude and complex waveforms that can cause trouble to these digital devices without triggering protection elements. In this case, first stages are the front, and their behaviors against these perturbation signals can alter the good operation of the device. Thus, we propose to study and model the behaviors of these first stages against such aggressions. First of all, an experimental platform was defined for the digital devices. A selection of devices is done and CMOS inverter was naturally chosen because of its presence in almost all of the first stages of digital devices, and because its structure is simple and well known. The choice of the CMOS technology is also due to its simplicity and omnipresence in current electronic equipments. Different perturbation signals were applied to these CMOS inverters to observe and record their typical and particular behaviors. Secondly, with the experimental results, a behavioral and generic SPICE model of CMOS inverters was developed. Different models exist for digital devices, but SPICE is the only one explicitly describing their complete architecture. But, for intellectual proprieties reasons, the manufacturers are usually reluctant to share information on their devices’ internals. However, the SPICE models are only valid within some operating limits defined by manufacturers. We have brought different modifications to this SPICE model to incorporate the observed behaviors of CMOS inverters inside and outside their normal operating conditions. The generic criterion of the final model imposed to study a large number of CMOS inverters of different manufacturers and different logic families. Finally, a synthesis of models and simulation results, by manufacturer and logic family, is produced.

CEM des composants

Susceptibilité électromagnétique

IEMI

Étages d'entrée

Inverseurs CMOS

Modélisation circuit

Simulation transitoire SPICE

Components EMC

Electromagnetic susceptibility

IEMI

Digital input stages

CMOS inverters

Circuit modeling

SPICE transient simulation

621.382 24

The Impulse-Radiating Antenna

Rosenlind, Johanna

January 2009

<p>As the interest in intentional electromagnetic interference (IEMI) increases, so does the need of a suitable antenna which endures those demanding conditions. The ultrawideband (UWB) technology provides an elegant way of generating high-voltage UWB pulses which can be used for IEMI. One UWB antenna, invented solely for the purpose of radiating pulses, is the impulse radiating antenna (IRA). In the course of this master thesis work, a suitable geometry of the IRA is suggested, and modelled, for the high-voltage application of 90 kV.</p>

Broadband antenna

IRA

time domain simulations

impedance matching

electrical breakdown

CST Microstripes

intentional electromagnetic interference

IEMI

ultrawide band

UWB

high-voltage

pulses

Other engineering physics

Övrig teknisk fysik

The Impulse-Radiating Antenna

Rosenlind, Johanna

January 2009

As the interest in intentional electromagnetic interference (IEMI) increases, so does the need of a suitable antenna which endures those demanding conditions. The ultrawideband (UWB) technology provides an elegant way of generating high-voltage UWB pulses which can be used for IEMI. One UWB antenna, invented solely for the purpose of radiating pulses, is the impulse radiating antenna (IRA). In the course of this master thesis work, a suitable geometry of the IRA is suggested, and modelled, for the high-voltage application of 90 kV.

Broadband antenna

IRA

time domain simulations

impedance matching

electrical breakdown

CST Microstripes

intentional electromagnetic interference

IEMI

ultrawide band

UWB

high-voltage

pulses

Other engineering physics

Övrig teknisk fysik