Farid Molazem Tabrizi and Karthik Pattabiraman, Annual Computer Security Applications Conference (ACSAC), 2016. (Acceptance Rate: 23%) [ PDF | Talk ]
Videos of the Attacks on SEGMeter
Abstract: Smart embedded systems are core components of Internet of Things (IoT). Many vulnerabilities and attacks have been discovered against different classes of IoT devices. Therefore, developing a systematic mechanism to analyze the security of smart embedded systems will help developers discover new attacks, and improve the design and implementation of the system. In this paper, we formally model the functionalities of smart meters, as an example of a widely used smart embedded device, using rewriting logic. We also define a formal set of actions for attackers. Our formal model enables us to automatically analyze the system, and using model-checking, find all the sequences of attacker actions that transition the system to any undesirable state. We evaluate the analysis results of our model on a real smart meter, and find that a sizeable set of the attacks found by the model can be applied to the real meter, using only inexpensive, commodity off-the-shelf hardware.
email: email@example.comPhone: 604-827-4245 (please email first)
Address: Rm. 4048, Fred Kaiser Building, 2332 Main Mall, Vancouver, BC V6T1Z4.
- An Empirical Study of the Impact of Single and Multiple Bit-Flip Errors in Programs
- New Wine in an Old Bottle: N-Version Programming for Machine Learning Components
- Stealthy Attacks Against Robotic Vehicles Protected by Control-based Intrusion Detection Techniques
- How Far Have We Come in Detecting Anomalies in Distributed Systems? An Empirical Study with a Statement-level Fault Injection Method
- TensorFI: A Flexible Fault Injection Framework for TensorFlow Applications
- GPU-TRIDENT: Efficient Modeling of Error Propagation in GPU Programs
- How Effective are Smart Contract Static Analysis Tools ? Evaluating Smart Contract Static Analysis Tools Using Bug Injection
- TraceSanitizer – Eliminating the Effects of Non-determinism on Error Propagation Analysis
- Improving the Accuracy of IR-Level Fault Injection