Skip to main content
SpringerLink
Log in

On Sensor Security in the Era of IoT and CPS

  • Survey Article
  • Published:
SN Computer Science Aims and scope Submit manuscript

Abstract

Sensors play an integral role in numerous devices across a diverse range of domains. While cyber-physical systems and the Internet of things use them extensively, sensors can also be commonly found in many standalone electronic devices. Concerns over the susceptibility of sensors to malicious attacks have led academia to focus on the security of these sensors. To help unite these efforts, we propose a lexicon to easily differentiate between types and methods of attacks on sensors. Using these definitions, one can quickly and clearly understand the method and the target of an attack. We examine the most recent and influential attacks on sensors, especially when they are acting as edge nodes of systems, as well as defenses against said attacks. We then seek to categorize these methods according to our lexicon, demonstrating its usefulness and solidifying the meaning of proposed terms.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Abdullah H, Garcia W, Peeters C, Traynor P, Butler KR, Wilson J. Practical hidden voice attacks against speech and speaker recognition systems. 2019. arXiv preprint arXiv:1904.05734.

  2. Aggarwal A, Kunta S, Verma PK. A proposed communications infrastructure for the smart grid. In: 2010 innovative smart grid technologies (ISGT). IEEE 2010. pp. 1–5.

  3. Alladi T, Chamola V, Sikdar B, Choo KR. Consumer iot: security vulnerability case studies and solutions. IEEE Consum Electron Mag. 2020;9(2):17–25. https://doi.org/10.1109/MCE.2019.2953740.

    Article  Google Scholar 

  4. Beavers I. Intelligence at the edge part 1: the edge node. 2017. https://www.analog.com/en/technical-articles/intelligence-at-the-edge-part-1-the-edge-node.html#. Accessed 28 Nov 2020.

  5. Beavers I. Intelligence at the edge part 2: reduced time to insight. 2017. https://www.analog.com/en/technical-articles/intelligence-at-the-edge-part-2-reduced-time-to-insight.html. Accessed 28 Nov 2020.

  6. Beavers I, MacLean E. Intelligence at the edge part 4: Edge node security. 2018. https://www.analog.com/en/technical-articles/intelligence-at-the-edge-part-4-edge-node-security.html. Accessed 28 Nov 2020.

  7. Cao Y, Xiao C, Cyr B, Zhou Y, Park W, Rampazzi S, Chen QA, Fu K, Mao ZM. Adversarial sensor attack on lidar-based perception in autonomous driving. 2019. arXiv preprint arXiv:1907.06826.

  8. Chang YH, Hu Q, Tomlin CJ. Secure estimation based kalman filter for cyber-physical systems against sensor attacks. Automatica. 2018;95:399–412.

    Article  MathSciNet  Google Scholar 

  9. Chen B, Yang Z, Huang S, Du X, Cui Z, Bhimani J, Xie X, Mi N. Cyber-physical system enabled nearby traffic flow modelling for autonomous vehicles. In: 2017 IEEE 36th international performance computing and communications conference (IPCCC). 2017. p. 1–6. https://doi.org/10.1109/PCCC.2017.8280498.

  10. Chen Y. Devil’s whisper: a general approach for physical adversarial attacks against commercial black-box speech recognition devices. In: 29th USENIX security symposium (USENIX Security 20). USENIX Association, Boston, MA; 2020. https://www.usenix.org/conference/usenixsecurity20/presentation/chen-yuxuan. Accessed 15 Dec 2020.

  11. Cheng CH, Chen CY, Chen JD, Pan DK, Ting KT, Lin FY. 3D pulsed chaos lidar system. Opt Express. 2018;26(9):12230–12241. https://doi.org/10.1364/OE.26.012230. http://www.opticsexpress.org/abstract.cfm?URI=oe-26-9-12230.

  12. Davidson D, Wu H, Jellinek R, Singh V, Ristenpart T. Controlling uavs with sensor input spoofing attacks. In: 10th USENIX workshop on offensive technologies (WOOT 16). USENIX Association, Austin, TX; 2016. https://www.usenix.org/conference/woot16/workshop-program/presentation/davidson. Accessed 15 Dec 2020.

  13. Degada A, Thapliyal H. An integrated trng-puf architecture based on photovoltaic solar cells. IEEE Consum Electron Mag. 2020;. https://doi.org/10.1109/MCE.2020.3019762.

    Article  Google Scholar 

  14. Dutta RG, Yu F, Zhang T, Hu Y, Jin Y. Security for safety: a path toward building trusted autonomous vehicles. In: Proceedings of the international conference on computer-aided design, ICCAD ’18; 2018. ACM, New York, p. 92:1–92:6. https://doi.org/10.1145/3240765.3243496.

  15. Dutta RG, Zhang T, Jin Y. Resilient distributed filter for state estimation of cyber-physical systems under attack. In: 2019 American Control Conference (ACC); 2019. p. 5141–5147. https://doi.org/10.23919/ACC.2019.8815298.

  16. Foundation NS. National science foundation—where discoveries begin; 2019. https://www.nsf.gov/news/special_reports/cyber-physical/. Accessed 15 Dec 2020.

  17. Giechaskiel I, Rasmussen KB. Taxonomy and challenges of out-of-band signal injection attacks and defenses. IEEE Commun Surv Tutor. 2019;. https://doi.org/10.1109/COMST.2019.2952858.

    Article  Google Scholar 

  18. Giraldo J, Sarkar E, Cardenas AA, Maniatakos M, Kantarcioglu M. Security and privacy in cyber-physical systems: a survey of surveys. IEEE Des Test. 2017;34(4):7–17.

    Article  Google Scholar 

  19. Goward D. Mass gps spoofing attack in black sea? 2017. https://www.maritime-executive.com/editorials/mass-gps-spoofing-attack-in-black-sea. Accessed 28 Nov 2020.

  20. Guajardo J, Kumar SS, Schrijen GJ, Tuyls P. Fpga intrinsic pufs and their use for ip protection. In: International workshop on cryptographic hardware and embedded systems; 2007. Springer, p. 63–80.

  21. Hassija V, Chamola V, Saxena V, Jain D, Goyal P, Sikdar B. A survey on iot security: application areas, security threats, and solution architectures. IEEE Access. 2019;7:82721–43. https://doi.org/10.1109/ACCESS.2019.2924045.

    Article  Google Scholar 

  22. Higgins S. Velodyne cuts vlp-16 lidar price to \$4k; 2019. https://www.spar3d.com/news/lidar/velodyne-cuts-vlp-16-lidar-price-4k/. Accessed 15 Dec 2020.

  23. Hitaj D, Mancini LV. Have you stolen my model? Evasion attacks against deep neural network watermarking techniques. CoRR. 2018. arXiv:abs/1809.00615.

  24. Ishtiaq RRM, Mustafaa H, Travis TSO, Xua W, Gruteserb M, Trappeb W, Seskarb I. Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study. In: 19th USENIX Security Symposium; 2010. Washington DC, p. 11–13.

  25. Karnouskos S. Cyber-physical systems in the smartgrid. In: 2011 9th IEEE international conference on industrial informatics; 2011. IEEE, p. 20–23.

  26. Kim NY, Rathore S, Ryu JH, Park JH, Park JH. A survey on cyber physical system security for iot: issues, challenges, threats, solutions. J Inf Process Syst. 2018;14(6):1361–84.

    Google Scholar 

  27. Kim T, Kim CH, Rhee J, Fei F, Tu Z, Walkup G, Zhang X, Deng X, Xu D. Rvfuzzer: finding input validation bugs in robotic vehicles through control-guided testing. In: 28th USENIX Security Symposium (USENIX Security 19); 2019. USENIX Association, Santa Clara, CA, p. 425–42. https://www.usenix.org/conference/usenixsecurity19/presentation/kim. Accessed 15 Dec 2020.

  28. Krok A. Velodyne’s tiny velabit packs a big lidar punch for just \$100. 2020. https://www.cnet.com/roadshow/news/velodyne-velabit-small-inexpensive-lidar-ces/. Accessed 15 Dec 2020.

  29. Kumar D, Paccagnella R, Murley P, Hennenfent E, Mason J, Bates A, Bailey M. Skill squatting attacks on amazon alexa. In: 27th USENIX security symposium (USENIX Security 18); 2018. p. 33–47.

  30. Kune DF, Backes J, Clark SS, Kramer D, Reynolds M, Fu K, Kim Y, Xu W. Ghost talk: mitigating emi signal injection attacks against analog sensors. In: 2013 IEEE symposium on security and privacy; 2013. IEEE, p. 145–159.

  31. Kurakin, A, Goodfellow, I, Bengio, S. Adversarial examples in the physical world. 2016. arXiv preprint arXiv:1607.02533.

  32. Kwong A, Xu W, Fu K. Hard drive of hearing: disks that eavesdrop with a synthesized microphone. In: 2019 IEEE symposium on security and privacy (SP); 2019. IEEE, p. 125–139.

  33. Labrado C, Kumar SD, Badhan R, Thapliyal H, Singh V. Exploration of solar cell materials for developing novel pufs in cyber-physical systems. SN Comput Sci. 2020;1(6):1–13.

    Article  Google Scholar 

  34. Labrado C, Thapliyal H. Design of a piezoelectric-based physically unclonable function for iot security. IEEE Internet Things J. 2019;6(2):2770–7. https://doi.org/10.1109/JIOT.2018.2874626.

    Article  Google Scholar 

  35. Labrado C, Thapliyal H, Prowell S, Kuruganti T. Use of thermistor temperature sensors for cyber-physical system security. Sensors. 2019;19(18):3905. https://doi.org/10.3390/s19183905.

    Article  Google Scholar 

  36. Li J, Schmidt FR, Kolter JZ. Adversarial camera stickers: A physical camera attack on deep learning classifier. In: Proceedings of the 36th international conference on machine learning; 2019.

  37. Lin F, Liu J. Chaotic lidar. IEEE J Sel Top Quantum Electron. 2004;10:991–7. https://doi.org/10.1109/JSTQE.2004.83596.

    Article  Google Scholar 

  38. Martin JR. Literacy in science: learning to handle text as technology. Writing science: literacy and discursive power; 1993. p. 166–202.

  39. Martin JR. Technicality and abstraction: language for the creation of specialized texts. Writing science: literacy and discursive power; 1993. p. 203–220.

  40. Metzen JH, Genewein T, Fischer V, Bischoff B. On detecting adversarial perturbations. In: 5th international conference on learning representations, ICLR 2017, Toulon, France, April 24–26, 2017, conference track proceedings. OpenReview.net. 2017. https://openreview.net/forum?id=SJzCSf9xg. Accessed 15 Dec 2020.

  41. Mukhopadhyay D. Pufs as promising tools for security in internet of things. IEEE Des Test. 2016;33(3):103–15.

    Article  Google Scholar 

  42. Oligeri G, Sciancalepore S, Ibrahim OA, Di Pietro R. Drive me not: Gps spoofing detection via cellular network. In: WiSec ’19 proceedings of the 12th conference on security and privacy in wireless and mobile networks; 2019.

  43. Park Y, Son Y, Shin H, Kim D, Kim Y. This ain’t your dose: sensor spoofing attack on medical infusion pump. In: 10th USENIX workshop on offensive technologies (WOOT 16); 2016. USENIX Association, Austin, TX. https://www.usenix.org/conference/woot16/workshop-program/presentation/park. Accessed 15 Dec 2020.

  44. Petit J, Stottelaar B, Feiri M, Kargl F. Remote attacks on automated vehicles sensors: experiments on camera and lidar. Black Hat Eur. 2015;11:2015.

    Google Scholar 

  45. Samsung: Family hub refrigerator. 2019. https://www.samsung.com/us/explore/family-hub-refrigerator/overview/. Accessed 15 Dec 2020.

  46. Sathaye H, Schepers D, Ranganathan A, Noubir G. Wireless attacks on aircraft instrument landing systems. In: 28th USENIX security symposium; 2019. USENIX Association.

  47. Shepard DP, Humphreys TE, Fansler AA. Evaluation of the vulnerability of phasor measurement units to gps spoofing attacks. Int J Crit Infrastruct Protect. 2012;5(3):146–53. https://doi.org/10.1016/j.ijcip.2012.09.003.

    Article  Google Scholar 

  48. Shin H, Kim D, Kwon Y, Kim Y. Illusion and dazzle: adversarial optical channel exploits against lidars for automotive applications. In: International conference on cryptographic hardware and embedded systems; 2017. Springer, p. 445–467.

  49. Shoukry Y, Martin P, Tabuada P, Srivastava M. Non-invasive spoofing attacks for anti-lock braking systems. In: International workshop on cryptographic hardware and embedded systems, 2013. Springer, p. 55–72.

  50. Singh M, Rajan MA, Shivraj VL, Balamuralidhar P. Secure mqtt for internet of things (iot). In: 2015 fifth international conference on communication systems and network technologies, 2015. p. 746–751. https://doi.org/10.1109/CSNT.2015.16.

  51. Sitawarin C, Wagner D. Minimum-norm adversarial examples on knn and knn-based models; 2020. arXiv preprint arXiv:2003.06559.

  52. Son Y, Shin H, Kim D, Park Y, Noh J, Choi K, Choi J, Kim Y. Rocking drones with intentional sound noise on gyroscopic sensors. In: 24th USENIX Security Symposium (USENIX Security 15); 2015. p. 881–96.

  53. Soobramaney P. Mitigation of the effects of high levels of high-frequency noise on mems gyroscopes. Ph.D. thesis, Auburn University 2013.

  54. Sugawara T, Cyr B, Rampazzi S, Genkin D, Fu K. Light commands: laser-based audio injection attacks on voice-controllable systems. In: 29th USENIX Security Symposium (USENIX Security 20); 2020. USENIX Association, p. 2631–48. https://www.usenix.org/conference/usenixsecurity20/presentation/sugawara. Accessed 15 Dec 2020.

  55. Thapliyal H, Mohanty SP, Prowell S. Emerging paradigms in vehicular cybersecurity. IEEE Consum Electron Mag. 2019;8(6):81–3. https://doi.org/10.1109/MCE.2019.2928066.

    Article  Google Scholar 

  56. Thompson KD. Cyber-physical systems; 2019. https://www.nist.gov/el/cyber-physical-systems. Accessed 15 Dec 2020.

  57. Tramèr F, Kurakin A, Papernot N, Goodfellow I, Boneh D, McDaniel P. Ensemble adversarial training: attacks and defenses; 2017. arXiv preprint arXiv:1705.07204.

  58. Trippel T, Weisse O, Xu W, Honeyman P, Fu K. Walnut: waging doubt on the integrity of mems accelerometers with acoustic injection attacks. In: 2017 IEEE European symposium on security and privacy (EuroS&P); 2017. IEEE, p. 3–18.

  59. Tu Y, Rampazzi S, Hao B, Rodriguez A, Fu K, Hei X. Trick or heat? manipulating critical temperature-based control systems using rectification attacks. In: CCS ’19 Proceedings of the 2019 ACM SIGSAC conference on computer and communications security; 2019. https://doi.org/10.1145/3319535.3354195.

  60. Um D. Massive sensor array fault tolerance: tolerance mechanism and fault injection for validation. J Robot. 2010;. https://doi.org/10.1155/2010/745834.

    Article  Google Scholar 

  61. Wang Y, Chao W, Garg D, Hariharan B, Campbell M, Weinberger KQ. Pseudo-lidar from visual depth estimation: Bridging the gap in 3d object detection for autonomous driving. CoRR. 2018. arXiv:abs/1812.07179.

  62. Woodward-Kron R. More than just jargon—the nature and role of specialist language in learning disciplinary knowledge. J English Acad Purp. 2008;7(4):234–49. https://doi.org/10.1016/j.jeap.2008.10.004.

    Article  Google Scholar 

  63. Woody C. The navy’s 4th accident this year is stirring concerns about hackers targeting us warships; 2017. https://www.businessinsider.com/hacking-and-gps-spoofing-involved-in-navy-accidents-2017-8. Accessed 28 Nov 2020.

  64. Xiang C, Qi CR, Li B. Generating 3d adversarial point clouds. In: The IEEE conference on computer vision and pattern recognition (CVPR); 2019.

  65. Xiao Q, Chen Y, Shen C, Chen Y, Li K. Seeing is not believing: Camouflage attacks on image scaling algorithms. In: 28th USENIX Security Symposium (USENIX Security 19); 2019. USENIX Association, Santa Clara, CA, p. 443–460. https://www.usenix.org/conference/usenixsecurity19/presentation/xiao.

  66. Yang B. Study on security of wireless sensor network based on zigbee standard. In: 2009 international conference on computational intelligence and security, vol. 2; 2009. IEEE, p. 426–430.

  67. Yoo HW, Druml N, Brunner D, Schwarzl C, Thurner T, Hennecke M, Schitter G. Mems-based lidar for autonomous driving. e & i Elektrotechnik und Informationstechnik. 2018;135(6):408–15. https://doi.org/10.1007/s00502-018-0635-2.

    Article  Google Scholar 

  68. Yuan X, Chen Y, Zhao Y, Long Y, Liu X, Chen K, Zhang S, Huang H, Wang X, Gunter CA. Commandersong: a systematic approach for practical adversarial voice recognition. In: 27th USENIX security symposium (USENIX Security 18); 2018. p. 49–64.

  69. Zhang G, Yan C, Ji X, Zhang T, Zhang T, Xu W. Dolphinattack: inaudible voice commands. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security; 2017. ACM, p. 103–117.

  70. Zhang Y, Rasmussen K. Detection of electromagnetic interference attacks on sensor systems. In: IEEE Symposium on Security and Privacy; 2020.

  71. Zhang Z, Gong S, Dimitrovski AD, Li H. Time synchronization attack in smart grid: impact and analysis. IEEE Trans Smart Grid. 2013;4(1):87–98. https://doi.org/10.1109/TSG.2012.2227342.

    Article  Google Scholar 

Download references

Acknowledgements

This work is partially supported by the National Science Foundation (NSF-1818500, NSF-1916175).

Author information

Authors and Affiliations

  1. Security in Silicon Lab in the Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL, 32611, USA

    Max Panoff, Raj Gautam Dutta, Yaodan Hu, Kaichen Yang & Yier Jin

Authors
  1. Max Panoff
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Raj Gautam Dutta
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yaodan Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kaichen Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yier Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yier Jin.

Ethics declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the topical collection “Hardware-Assisted Security Solutions for Electronic Systems” guest edited by Himanshu Thapliyal, Saraju P. Mohanty, Wujie Wen, and Yiran Chen.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Panoff, M., Dutta, R.G., Hu, Y. et al. On Sensor Security in the Era of IoT and CPS. SN COMPUT. SCI. 2, 51 (2021). https://doi.org/10.1007/s42979-020-00423-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s42979-020-00423-5

Keywords

Search

Navigation