Embedded systems often operate on sensitive data in safety-critical environments, including transportation, health care, and industrial control. Embedded software can leak information about its activity and data via physical side channels, such as electromagnetic (EM) fields, which an adversary can measure with ease using modest equipment. Such measurements can be used to profile programs, find anomalies in the software, identify sensitive information, and most fundamentally, reveal what instructions are being executed on the system. In a recent paper, Texas ECE researchers were able to measure the EM fields generated by a cryptographic algorithm deployed on an FPGA. Using the captured signals, the researchers could extract the secret key and thus break the cryptographic protection. Currently, the only way to analyze such software vulnerabilities is to rely on direct laboratory measurements that require expertise a typical software developer lacks.
Profs. Michael Orshansky, Ali Yilmaz and Andreas Gerstlauer of Texas ECE have received a $1.2M NSF research grant to develop computational tools to generate accurate security-focused EM profiles of an application running on an embedded system. The project will develop novel approaches and techniques to help designers improve system security and ensure resilience against information being leaked through EM side channels.