Battery-less IoT Devices: Energy Source Manipulation Attacks
Sammanfattning: The Internet of Things (IoT) is expected to enable applications of utmost societal value, such as energy-efficient buildings, smart cities, and next-generation healthcare. While there has been a lot of progress on the security of larger devices, there is a need to consider the security of resource-constrained devices. These battery-less low-powered devices perform their usual operation by harvesting energy from the ambient energy sources such as solar, thermal, radiofrequency (RF), and kinetic. Battery-less devices do not have sufficient energy available at all times and hence their operation is intermittent depending on the amount of energy harvested. Due to this reason, these devices use some sort of checkpointing or task-based mechanism for continuous operation. The paradigm of intermittent computing is to frequently save the state of the program to non-volatile memory whenever thedevice is running out of power and to resume its operation again from the same point whenever sufficient energy is available. In this thesis, I review the different types of energy harvesting techniques and the typical kind of attacks on battery-less Internet of Things (IoT) devices. The main goal of the thesis is to study the feasibility of physical attacks on the energy harvesting part of the device where the attacker interferes with the energy source to disrupt the system. This type of attack will drain the device’s energy buffer. Factors that can affect the complexity of the attack and the time taken to execute the attack are divided into the attacker model, nodemodel, and system model. The attacker model includes the sub-factorslike physical access to the device, its components, access to sourcecode, and the possibility of manipulating the sensor values. Node model and system model include the sub-factors that define the system characteristics like transmission frequency, network type, and energy harvesting architecture, to name a few. These sub-factors can not be altered by the attacker and play an essential part in deciding how difficult it is to execute an attack. In the final part of the thesis, I did a simulation in a python-based framework SimPy to check the feasibility of these attacks.
HÄR KAN DU HÄMTA UPPSATSEN I FULLTEXT. (följ länken till nästa sida)