EARIC: Exploiting ADC Registers in IoT and Control Systems

EARIC: Exploiting ADC Registers in IoT and Control Systems

연구 분야: Analysis

학회: International Conference on Applied Cryptography and Network Security

An analog-to-digital converter (ADC) is a critical part of most computing systems as it converts analog signals into quantifiable digital values. Since most digital devices operate only on digital values, the ADC acts as an interface between the digital and analog worlds. Hence, ADCs are commonly used in a wide-range of application areas, such as internet of things (IoT), industrial control systems (ICS), cyber-physical systems (CPS), audio/video devices, medical imaging, digital oscilloscopes, and cell phones, among others. For example, programmable logic controllers (PLCs) in ICS/CPS often make control decisions based on digital values that are converted from analog signals by ADCs. Due to its crucial role in various applications, ADCs are often targeted by a wide-range of physical and cyber attacks. Attackers may exploit vulnerabilities that could be found in the software/hardware of ADCs. In this work, we first conduct a deeper study on the ADC conversion logic to scrutinize relevant vulnerabilities that were not well explored by prior works. Hence, we manage to identify exploitable vulnerabilities on certain ADC registers that are used in the ADC conversion process. These vulnerabilities can allow attackers to launch dangerous attacks that can disrupt the behaviour of the targeted system (e.g., an IoT or control system) in a stealthy way. As a proof of concept, we design three such attacks by exploiting the vulnerabilities identified. Finally, we test the attacks on a mini-CPS testbed we designed using IoT devices, analog sensors and actuators. Our experimental results reveal high effectiveness of the proposed attack techniques in misleading PLCs to make incorrect control decisions in CPS. We also analyze the impact of such attacks when launched in realistic CPS testbeds.