to deliver updates securely. A hacker may succeed in extracting the AES credentials
with the help of side channel analysis (SCA). Afterwards, they can misuse these keys to
take control of the street lights. This is not merely an example; there have been a number of
similar cases in the past.
To carry out such an attack, the hacker must be within a specific proximity range of the
device so that they can not only plan their attack but also collect private and sensitive data.
The attack leaves no remnants behind. While we have so far described the vulnerability
of street lights, SCA attacks have also been used to launch cyber attacks on hospitals and banks,
where the financial, reputational, and especially health-related damage can create severe
issues for the stakeholders.
Typically, physical vulnerabilities are split into the following two categories.
• Non-invasive attacks
In these attacks, the hacker has to be near enough to focus on the chip and modify its
electrical characteristics. As a result, they are able to change the device behavior while at the
same time copying sensitive information.
• Invasive attacks
In these attacks, the hacker has to expose the surface of the chip so that it can be
manipulated physically.
Within these two categories, a hacker can use different methods of attack.
• Side channel analysis: It falls into the category of a non-invasive attack where a hacker
can determine the electromagnetic radiation or power signature from the Integrated
Circuit (IC) and target it to extract sensitive data like secret keys.
• Tamper attack: It is a type of invasive attack in which the hacker tries to ‘physically’ alter
the integrated chip with the aim of collecting sensitive or private data which exists in the
metal wires; to do this, they use microprobes. It is possible that they might even modify
the circuit’s behavior and overdrive the IC’s state.
• Perturbation attacks or fault injection attacks: These attacks happen when a hacker
exploits an IoT system’s flaw and aims to misuse it for compromising security. To exploit
such loopholes, there is a wide range of options. Interestingly, this attack can be both
non-invasive and invasive.
Importance of Physical Security
Among all four of the above-mentioned vulnerabilities, hackers find the software
vulnerabilities the most convenient to exploit. Communication and lifecycle attacks are
comparatively harder to engineer, due to more stringent security measures.
Lastly, there is physical security, which is the toughest for hackers to break into. A few years
ago, hackers were not too motivated to hack the physical security of IoT devices, perhaps due to
lower ROI (return on investment). With the passage of time, many things have changed, which
has boosted the need for physical security. Some of these are as follows.
• The introduction of more stringent security measures in other vulnerabilities.
• The rise of network connections which in turn coincides with the growth of assets,
creating more opportunity to launch a cyber attack on a larger scale, thereby offering a
high enough incentive.
Chapter 12 Holistic View on IoT Security 311