1 |
Autonoma fordon - Dess funktion, möjligheter och risker / Autonomous vehicles - its function, possibilities and risks
Khoogar, Alireza January 2018
Today's society is heavily dependent on a number of critical infrastructures, among them electricity generation, telecommunications systems and transport systems. These critical infrastructures are closely intertwined and internally dependent on one another. They are all more or less vulnerable and risk losing part or all of their functionality. Society aims to protect all of its critical infrastructure as well as possible against possible threats and tries to minimize the risk of adverse events. What should constantly be pursued is better methods for quantifying and, by extension, managing these risks. In a society that is heavily dependent on electronic systems, there may be antagonists who intend to use electromagnetic interference to disable or limit functions in the infrastructure. This makes autonomous vehicles, for example, vulnerable if no safety measures are taken. It means that risk levels and acceptable risks associated with autonomous vehicles need to be identified and established. The purpose of this thesis is to describe what an autonomous vehicle is, to identify which risks exist, and to determine how large an impact these risks have on autonomous vehicles in an IEMI attack. The thesis comprises a background study covering how autonomous vehicles work and which conceivable risks intentional electromagnetic interference may pose to autonomous vehicles. The result of the thesis shows that the components suspected of being exposed to electromagnetic interference should undergo a risk analysis, in order to validate the risk and the consequences of the electromagnetic interference. / Today's society is heavily dependent on a number of critical infrastructures, of which electricity generation, telecommunications systems and transport systems are a few. These critical infrastructures are highly interlinked and interdependent. They are all more or less vulnerable and risk losing part or all of their functionality.
Society's goal is to safeguard all critical infrastructure in the best possible way against possible threats and to try to minimize the risk of fallout. What is constantly being sought is better methods of quantifying and managing these risks in the long run. The risks are linked to verified risk levels that deal with an acceptance limit. In a society that is highly dependent on electronic systems, there may also be antagonists who intend to disable or limit functions in the infrastructure by means of electromagnetic interference. This makes, for example, autonomous vehicles vulnerable if no safety measures are taken. This means that risk levels and acceptable risks associated with autonomous vehicles need to be identified and established. The purpose of this study is to describe what an autonomous vehicle is, identify what risks there are and how much impact these risks have on autonomous vehicles. The thesis work includes a background study that deals with the functioning of autonomous vehicles and with what possible risks intentional electromagnetic interference involves for autonomous vehicles. The result of the study indicates that all components suspected of being exposed to electromagnetic interference should undergo a risk analysis. This is to validate the risk and its consequence.
|
2 |
Physical Layer Data Integrity Attacks and Defenses in Cyber-Physical Systems
Mohammed, Abdullah Zubair 24 January 2025
Loss of data integrity in a safety-critical cyber-physical system (CPS), such as healthcare or intelligent transport, has a severe impact on its operation that can potentially lead to life-threatening consequences. This work investigates the vulnerability of CPS to physical-layer data integrity attacks and proposes countermeasures to enhance system resilience. Software-based cybersecurity approaches may not be efficient in mitigating threats aimed at the physical layer, leaving CPS particularly susceptible to manipulation through methods that exploit hardware vectors such as electromagnetic interference and data transmission medium. This work begins with a focus on using intentional electromagnetic interference (IEMI) to manipulate data and further explores other physical layer characteristics that can be exploited to conduct physical-layer attacks across various CPS environments.
In the first phase of the research, the use of IEMI to induce controlled bit flips in widely used serial digital communication protocols is examined. In contrast to state-of-the-art IEMI attacks that use a narrow-band sinusoid as an attack signal, a complex, wideband, rectangular waveform is designed to improve the attack success rate from less than 50% to 75%.
Further, the vulnerabilities of printed circuit board (PCB) traces to IEMI in highly safety-critical applications, such as electric vehicle (EV) charging, are addressed. On PCBs, IEMI attacks exploit the signal-carrying traces, which act as unintentional antennas under an adversarial electromagnetic field. Experiments demonstrated that such attacks are more challenging due to the PCB's structure but are still feasible with sufficient attacker power. A suite of passive countermeasures is evaluated, including differential signaling, via-fencing, and optical fiber interconnects, along with a novel multiplexer-based defense that dynamically modifies signal paths to evade detection. Each countermeasure is extensively evaluated and ranked based on its effectiveness, and adaptive attack strategies are analyzed to address potential future threats.
In the IoT domain, this work presented a preliminary investigation of a novel "wireless spiking" technique on smart locks, which enables attackers to bypass standard security measures and unlock/lock with no physical contact. Using IEMI, the control circuitry is manipulated to unlock devices remotely. The methodology, involving hardware reverse engineering and attack point identification, is presented, and it applies to other IoT devices in smart home environments.
In the field of automotive cybersecurity, bit manipulation attacks targeting the Controller Area Network (CAN) bus are investigated. By exploiting its transmission line nature, these attacks challenge the fundamental assumptions of the CAN's physical layer and are capable of inducing bidirectional bit flips, from recessive to dominant (R→D) and the significantly more difficult dominant to recessive (D→R). The flips are further made undetectable to CAN's standard error-checking mechanisms. These attacks are simulated and validated in both lab and real-world vehicle environments.
Finally, a defense mechanism for vehicle identification security in intelligent transportation systems using device fingerprinting is proposed. This approach utilizes inductive loop detectors (ILD) to capture unique electromagnetic signatures of vehicles, achieving up to 93% accuracy in identifying their make, model, and year. The ILD-based technique secures access control in automated systems and provides a cost-effective, drop-in solution for existing infrastructure, mitigating risks such as unauthorized vehicle impersonation and charging station exploitation.
This work establishes a systematic framework for understanding, detecting, and defending against physical-layer data integrity attacks in CPS. Through the development of novel attack vectors and robust countermeasures, this research enhances the field of CPS security, emphasizing the need for comprehensive defenses that extend beyond conventional software-based approaches. / Doctor of Philosophy / In our increasingly connected world, cyber-physical systems (CPS)—technologies that combine digital and physical processes—are essential to modern life. These systems, from smart homes to intelligent vehicles, integrate sensors, actuators, and controllers to manage everything from personal security to automated transportation. While they bring convenience and efficiency, these systems are also vulnerable to attacks that can alter their data and disrupt operations, specifically at the hardware level, posing serious risks to safety and security. The adversary can attack the communication channels between sensors/actuators and the controller seeking to manipulate the signals and falsify data. Incorrect decision-making based on manipulated data leads to safety risks or system failure. Unlike typical cyberattacks, which often exploit software vulnerabilities, these threats target the hardware layer directly, bypassing conventional cybersecurity defenses designed only to protect software.
This work investigates attacks against data integrity, where attackers use intentional electromagnetic interference (IEMI) to corrupt data exchanged between CPS components. For instance, it is demonstrated that attackers can, without physical access, interfere with communication channels in industrial and automotive systems, altering data exchanged between sensors and controllers. By sending precisely crafted electromagnetic signals, an attacker can inject or modify data in real-time, allowing them to influence system behavior wirelessly.
In addition to IEMI, this work also highlights how vulnerabilities in hardware could compromise critical systems in modern automobiles. For example, we demonstrate how attackers could subtly alter messages on a vehicle's communication network (the controller area network), interfering with safety-critical functions. These attacks evade standard error-checking systems, further underscoring the need for hardware-level defenses that software cannot address. Additionally, we tackle the growing challenge of vehicle identification security in intelligent transportation systems. Unauthorized access to restricted areas or privileges, such as electric vehicle (EV) charging stations, could be exploited if attackers impersonate legitimate vehicles. To counter this, we propose a new method that "fingerprints" each vehicle based on its unique physical characteristics, helping ensure only authorized vehicles gain access.
Through extensive testing, we validate our proposed countermeasures across different CPS environments, offering practical defenses against these physical-layer attacks. By providing solutions that secure both communication and identification in CPS, this work lays the groundwork for a safer and more resilient future where these critical systems are better protected from physical-layer attacks.
|
3 |
Electromagnetic Interference Attacks on Cyber-Physical Systems: Theory, Demonstration, and Defense
Dayanikli, Gokcen Yilmaz 27 August 2021
A cyber-physical system (CPS) is a complex integration of hardware and software components to perform well-defined tasks. Up to this point, many software-based attacks targeting the network and computation layers have been reported by researchers. However, physical layer attacks that utilize natural phenomena (e.g., electromagnetic waves) to manipulate safety-critical signals such as analog sensor outputs, digital data, and actuation signals have recently attracted attention. The purpose of this dissertation is to detect the weaknesses of cyber-physical systems against low-power Intentional Electromagnetic Interference (IEMI) attacks and provide hardware-level countermeasures.
Actuators are irreplaceable components of electronic systems that control the physically moving sections, e.g., servo motors that control robot arms. In Chapter 2, the potential effects of IEMI attacks on actuation control are presented. The Pulse Width Modulation (PWM) signal, which is the industry standard for actuation control, is observed to be vulnerable to IEMI with a specific frequency and modulated waveforms. Additionally, an advanced attacker with limited information about the victim can prevent the actuation, e.g., stop the rotation of a DC or servo motor. For some specific actuator models, the attacker can even take control of the actuators and consequently the motion of the CPS, e.g., the flight trajectory of a UAV. The attacks are demonstrated on a fixed-wing unmanned aerial vehicle (UAV) during varying flight scenarios, and it is observed that the attacker can block or take control of the flight surfaces (e.g., aileron), which results in a crash of the UAV or a controllable change in its trajectory, respectively.
Serial communication protocols such as UART or SPI are widely employed in electronic systems to establish communication between peripherals (e.g., sensors) and controllers. It is observed that an adversary with the reported three-phase attack mechanism can replace the original victim data with the 'desired' false data. In the detection phase, the attacker listens to the EM leakage of the victim system. In the signal processing phase, the exact timing of the victim data is determined from the victim EM leakage, and in the transmission phase, the radiated attack waveform replaces the original data with the 'desired' false data. The attack waveform is a narrowband signal at the victim baud rate, and in a proof-of-concept demonstration, the attacks are observed to be over 98% effective at inducing a desired bit sequence into pseudorandom UART frames. Countermeasures such as twisted cables are discussed and experimentally validated in high-IEMI scenarios.
In Chapter 4, a state-of-the-art electric vehicle (EV) charger is assessed in IEMI attack scenarios, and it is observed that an attacker can use low-cost RF components to inject false current or voltage sensor readings into the system. The manipulated sensor data results in a drastic increase in the current supplied to the EV, which can easily result in physical damage due to thermal runaway of the batteries. The current switches, which control the output current of the EV charger, can be controlled (i.e., turned on) by relatively high-power IEMI, which gives the attacker direct control of the current supplied to the EV.
The attacks on UAVs, communication systems, and EV chargers show that additional hardware countermeasures should be added to the state-of-the-art system design to alleviate the effect of IEMI attacks. Fiber-optic transmission and low-frequency magnetic field shielding can be used to transmit 'significant signals', or PCB-level countermeasures can be utilized, which are reported in Chapter 5. / Doctor of Philosophy / The secure operation of an electronic system depends on the integrity of the signals transmitted from/to components like sensors, actuators, and controllers. Adversaries frequently aim to block or manipulate the information carried in sensor and actuation signals to disrupt the operation of the victim system with physical phenomena, e.g., infrared light or acoustic waves. In this dissertation, it is shown that low-power electromagnetic (EM) waves, with specific frequency and form devised for the victim system, can be utilized as an attack tool to disrupt, and, in some scenarios, control the operation of the system; moreover, it is shown that these attacks can be mitigated with hardware-level countermeasures. In Chapter 2, the attacks are applied to electric motors on an unmanned aerial vehicle (UAV), and it is observed that an attacker can block (i.e., crash the UAV) or control the UAV motion with EM waves. In Chapter 3, it is shown that digital communication systems are not resilient against intentional electromagnetic interference (IEMI), either. Low-power EM waves can be utilized by attackers to replace the data in serial communication systems with a success rate of 98% or more. In Chapter 4, the attacks are applied to the sensors and actuators of electric vehicle chargers with low-cost off-the-shelf amplifiers and antennas, and it is shown that EM interference attacks can manipulate the sensor data and boost the current supplied to the EV, which can result in overheating and fire.
To ensure secure electronic system operation, hardware-level defense mechanisms are discussed and validated with analytical solutions, simulations, and experiments.
|
4 |
Contribution à l'analyse de la susceptibilité électromagnétique des composants : Caractérisation et modélisation des étages d'entrée des circuits intégrés numériques / Contribution to the electromagnetic susceptibility analysis of components : Characterization and modeling of input stages of digital integrated circuits
Kane, Ibrahim 21 December 2016
The proliferation of electronic components makes the study of their vulnerability to electromagnetic aggression, intentional or not, an increasingly pressing concern. Our study falls within this context and focuses in particular on digital components. These generally incorporate, at all of their input and output interfaces, protection elements against electrostatic discharge that eliminate any signal arriving with a high amplitude. However, disturbing signals may have lower amplitudes but complex waveforms capable of causing these digital components to malfunction without activating the protections. In that case, the input stages are in the front line, and their behavior in the face of these disturbing signals can alter the overall functionality of the circuit. We therefore set out to study and model the behavior of these input stages under these types of aggression. A first step consisted in defining an experimental platform for digital components. A selection of the types of test components was first made, and the choice fell naturally on the CMOS inverter, because it is present in almost all input stages and its structure is simple and well known. The choice of this technology is also dictated by its simplicity and its omnipresence in current electronic equipment. Different types of disturbing signals were applied to these CMOS inverters in order to observe and record their typical and particular behaviors. Then, from the experimental results, a behavioral and generic SPICE model of CMOS inverters was created. Different types of models of digital components exist, but the SPICE type is the only one that makes their complete architecture explicit.
Indeed, for reasons related to intellectual property, manufacturers are generally discreet about the internal structures of their integrated circuits. On the other hand, these SPICE models are in principle valid only within operating limits defined by the manufacturers. We made various modifications to this model in order to incorporate the behaviors observed outside the operating limits of CMOS inverters. The need to find a generic model required studying a large number of CMOS inverter samples from different manufacturers and different technology families. Finally, a synthesis of the simulation results and the models, by manufacturer and technology family, was produced in the form of a summary table. / The proliferation of electronic components increases interest in investigating their vulnerability to electromagnetic interference, whether intentionally emitted or not. Our study falls in this context and is specifically devoted to digital devices. These devices usually include, at their input/output ports, protection elements to protect against electrostatic discharges and all kinds of signals with very high amplitude. However, the perturbing signals can have low amplitude and complex waveforms that can cause trouble to these digital devices without triggering protection elements. In this case, the first stages are at the front, and their behaviors against these perturbation signals can alter the correct operation of the device. Thus, we propose to study and model the behaviors of these first stages against such aggressions. First of all, an experimental platform was defined for the digital devices. A selection of devices was made and the CMOS inverter was naturally chosen because of its presence in almost all of the first stages of digital devices, and because its structure is simple and well known.
The choice of the CMOS technology is also due to its simplicity and omnipresence in current electronic equipment. Different perturbation signals were applied to these CMOS inverters to observe and record their typical and particular behaviors. Secondly, with the experimental results, a behavioral and generic SPICE model of CMOS inverters was developed. Different models exist for digital devices, but SPICE is the only one explicitly describing their complete architecture. But, for intellectual property reasons, the manufacturers are usually reluctant to share information on their devices' internals. However, the SPICE models are only valid within some operating limits defined by manufacturers. We have brought different modifications to this SPICE model to incorporate the observed behaviors of CMOS inverters inside and outside their normal operating conditions. The generic criterion of the final model required studying a large number of CMOS inverters of different manufacturers and different logic families. Finally, a synthesis of models and simulation results, by manufacturer and logic family, is produced.
|
5 |
The Impulse-Radiating Antenna
Rosenlind, Johanna January 2009
As the interest in intentional electromagnetic interference (IEMI) increases, so does the need of a suitable antenna which endures those demanding conditions. The ultrawideband (UWB) technology provides an elegant way of generating high-voltage UWB pulses which can be used for IEMI. One UWB antenna, invented solely for the purpose of radiating pulses, is the impulse radiating antenna (IRA). In the course of this master thesis work, a suitable geometry of the IRA is suggested, and modelled, for the high-voltage application of 90 kV.
|