Impedance Leakage Vulnerability and Its Utilization in Reverse-Engineering Embedded Software

Impedance Leakage Vulnerability and Its Utilization in Reverse-Engineering Embedded Software

연구 분야: Analysis

학회: ACM Journal on Emerging Technologies in Computing Systems

Discovering new vulnerabilities and implementing security and privacy measures are important to protect systems and data against physical attacks. One such vulnerability is impedance, an inherent property of a device that can be exploited to leak information through an unintended side-channel, thereby posing significant security and privacy risks. Unlike traditional vulnerabilities, impedance is often overlooked or narrowly explored, as it is typically treated as a fixed value at a specific frequency in research and design endeavors, leaving its potential for information leakage largely unexplored. This paper demonstrates that the impedance of an embedded device is not constant and directly relates to the programs executed on the device. We define this phenomenon as impedance leakage and use this as a side-channel to extract software instructions from protected memory. Our experiment on the ATmega328P microcontroller and the Artix 7 FPGA indicates that the impedance side-channel can detect software instructions with 96.1% and 92.6% accuracy, respectively. Furthermore, we explore the dual nature of the impedance side-channel, highlighting the potential for beneficial purposes and the associated risk of intellectual property theft.