Critical Sensors Might Not Be as Trustworthy as We Thought

Apr. 6, 2017  |  By Chris M. Roberts

University of Michigan researchers published findings that demonstrate the ability to influence a trusted sensor used in countless electronic devices around the world.  MEMS (Micro-Electro-Mechanical Systems) accelerometer subsystems provide accurate detec\tion while measuring acceleration, tilt, shock, and vibration.  Accelerometers work by having a physical device inside the chip that moves around and those movements are translated into electrical pulses.  Researchers were able to use an audio speaker to identify the resonant frequency of the accelerometer and cause the chip to report false movements.

IISP Analyst Chris M. Roberts: “While this vulnerability has not been used as an exploit at this time, it is a very good example of attacking a trusted sensor or communication bus. These trusted inputs are rarely checked from a security perspective and are often treated as an absolute truth. Because of that, actions -- both physical and electrical -- are automatically taken based on their data. While you likely know that MEMS accelerometers are used in your cell phone and wearable device, it’s worth noting that they are also used in more critical devices including both medical and automotive applications. In fact, these accelerometers have been used to inflate automotive airbags for years. Therefore, in theory, an attacker could deploy your airbag while you drive down the interstate which would produce devastating effects. Just another reminder to developers that no input can be trusted.”


For further reading
More by the author(s)