Attacking Hardware Systems Using Resonance and the Laws of Physics

The presentation discusses the use of resonance attacks on hardware systems and the importance of considering hardware security in addition to software security.

• Hardware security is an important aspect of comprehensive security and should not be overlooked
• Resonance attacks can be used to subvert certain electronic sensors and programmable logic
• Physical properties of target devices can be leveraged to bypass hardware security sub systems
• An anecdote is provided to illustrate the ease with which hardware security can be compromised

The presenter provides two anecdotes to illustrate the ease with which hardware security can be compromised. In one example, a telematics unit was easily hacked by pulling the flash chip off to recover the entire file system. In another example, an atom-based phone was hacked by finding a small cluster of unloaded components and using option resistors to choose whether or not the bootloader is to go into development mode or production mode.

Everything has a resonant frequency. By finding the resonant frequency of certain electronic sensors, programmable logic, and other devices, it is possible to subvert certain systems that are supposedly secured by the electronic components targeted in this research. From ultrasonic attacks on MEM's microphones in most voice enabled IoT and mobile equipment to high frequency electrical resonance inside certain programmable logic, these resonance attacks are all about leveraging physical properties of the target device and by chaining both these attacks and other hardware attacks together can allow software to bypass quite complex hardware security sub systems.