| Summary: | <p>This thesis argues that cyber-physical systems are, by their very nature, at risk from physical-layer attacks as well as cyber attacks. The proliferation of cheap and easy-to-use sensing and actuation technologies has drastically lowered the bar for attackers to conduct physical-layer attacks, even with only limited resources. As our reliance upon cyber-physical systems grows, so too does the impact of attacks. </p>
<p>It is argued that the same easy accessibility of technology that equips attackers, also enables the use of physical-layer security techniques in developing defences. A series of work is presented, exploring the practical use of physical phenomena to secure real-world cyber-physical systems. </p>
<p>Timing constraints are used for the verification of aircraft location claims, to inhibit spoofing. This demonstrates a straightforward application of physical-layer techniques, enhanced with mobility, to drastically limit an attacker’s capabilities. </p>
<p>Wireless propagation measurements are used to determine the presence of a drone and track it during a privacy-invasion attack; where traffic itself does not provide sufficient insight. The successful results highlight the potential for using even simple, ubiquitous metrics to gain detailed insight into the physical world. </p>
<p>Leaked electromagnetic signals are then used to detect a class of malicious network; exploiting the wireless propagation mode to achieve better performance and more convenient deployment characteristics than are possible with the original signal. This demonstrates the scope for incorporating unconventional physical
effects to improve a security design. </p>
<p>The combined results are drawn on to argue that the use of physical-layer features is practical in real systems, even those that were not originally designed with due consideration for their tacit physical dependencies. </p>
<p>An eavesdropping attack is also presented against a state-of-the-art electric-vehicle charging system. This attack builds upon the electromagnetic leakage used defensively earlier, which is exacerbated by design choices made in the charging system. The eavesdropping attack is shown to be widely effective against real deployments, with results that suggest various active attacks would also be effective. </p>
<p>Observations from the attack are used to argue that as well as being practical, it is also necessary to incorporate physical-layer features in security design, as even emerging modern systems with detailed security models are vulnerable to critical physical-layer attacks.</p>
|
|---|