System Sniffs Out Trojans in Electromagnetic Emissions

Startup Aether Argus' system spotted trojans in an AI accelerator card and more

A commercial airliner (left) and an Iranian fighter jet

Left: iStockphoto; Right: Wikipedia

Is that a warplane or a commercial airliner? Mistaking one for the other has had truly tragic consequences. So if you've got an automated system doing it, you had better know for sure that it hasn't been compromised by a malicious hardware trojan inserted somewhere along the supply chain.

It's such scenarios that the Defense Advanced Research Projects Agency (DARPA) is hoping to defeat with a project called SHEATH (for Safeguards against Hidden Effects and Anomalous Trojans in Hardware), which recently wrapped up its 18-month run. The result? A system called TEMPEST that can tell whether part of a computer has been compromised just from its electromagnetic emissions. Engineers from Aether Argus, in Atlanta, revealed the system and its results this week at DARPA's annual Electronics Resurgence Initiative Summit.

"The intended purpose is to help defenders confirm the integrity of the hardware and software they care about, without deploying new software on those devices," explained Angelos Keromytis, president of Aether Argus, which he cofounded with fellow Georgia Tech professors Alenka Zajic and Milos Prvulovic, and with Virginia Tech's Angelos Stavrou.

(See "3 Ways to Hack a Printed Circuit Board", IEEE Spectrum, September 2020, for a list of vulnerable spots in the motherboard supply chain.)

Snooping on side channels such as a chip's power consumption or its RF emissions is usually thought of "as a technique to attack and steal cryptographic keys," says Keromytis.

Tempest turns that on its head. It takes signals from a near-field electromagnetic sensor that's set close to the hardware in question and looks for signs of tampering. In its most comprehensive tests, that hardware was a field-programmable gate array (FPGA) expansion board in a server. The FPGA was acting as an accelerator for an AI that was trained to identify objects in images. Tempest itself is also an AI. It's trained to spot changes in the FPGA's ordinary emissions that might mean a trojan in the chip's firmware has engaged.

[Figure: four spectrographs, labelled Clean application, V1, V2 and V3.]

These spectrographs show the radio emissions from an AI accelerator when it's clean and when it's compromised by three variants of a firmware trojan. Aether Argus

At the DARPA event, Keromytis showed the results of a test in which a trojan was inserted in the FPGA's firmware that would result in the neural network misidentifying an image of an Iranian fighter jet as a commercial aircraft.

The startup tested Tempest against three variants of the hardware trojan and in each case managed to spot it within one second of its engaging in dastardly deeds. It did so with an accuracy of at least 98.87 percent and with at most a 1.83 percent false positive rate. What's more, Tempest could detect one version of the trojan with 97.98 percent accuracy even when the malware wasn't engaged at all, such as when the AI was looking at a real commercial jet.

The latter example, called structural detection—as opposed to runtime detection—is more difficult, said Keromytis. But it would be useful for spotting attacks inserted at points in a system's supply chain.
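The detection pipeline described above (a probe-side spectrum, a model of the clean device's emissions, an alarm on deviation, and the accuracy and false-positive figures used to grade it, including the structural case where the trojan is present but idle) can be sketched end to end in a few dozen lines. The following is an added example written for this page; it is not Aether Argus code and it replaces Tempest's trained model with a plain per-bin statistical fingerprint. Everything about the signal is an assumption for illustration: the clean board is modelled as two clock-related tones plus Gaussian noise, the trojan as a weak always-on tone at one spectral bin while dormant and a strong tone there while engaged, and the bin numbers, amplitudes and noise level are made up. The probe captures are constructed inline so it runs offline.

```python
"""Toy electromagnetic-fingerprint integrity monitor.

Added example, not Aether Argus code. Assumed model: a near-field probe
samples a board's emissions; the clean device radiates two clock-related
tones; a firmware trojan adds a weak always-on tone while dormant (its
structural signature) and a strong tone while engaged (its runtime
signature). The monitor learns the clean spectrum and alarms on deviation.
"""
import math
import random

N = 32                                  # samples per probe capture window
K = 8                                   # windows averaged per observation
NOISE_STD = 0.1                         # assumed probe/thermal noise
CLEAN_TONES = {2: 1.0, 4: 0.6}          # DFT bin -> amplitude, clean device (assumed)
TROJAN_BIN = 7                          # assumed bin where the trojan radiates
TROJAN_AMP = {"dormant": 0.12, "engaged": 0.5}   # assumed leakage per trojan state
BINS = range(N // 2 + 1)                # one-sided spectrum
COS = [[math.cos(2 * math.pi * k * n / N) for n in range(N)] for k in BINS]
SIN = [[math.sin(2 * math.pi * k * n / N) for n in range(N)] for k in BINS]


def capture_window(rng, state="clean"):
    """Simulate one N-sample capture of a device in the given state (constructed data)."""
    tones = dict(CLEAN_TONES)
    if state != "clean":
        tones[TROJAN_BIN] = TROJAN_AMP[state]
    phase = {b: rng.uniform(0.0, 2 * math.pi) for b in tones}   # unsynchronised captures
    return [sum(a * math.cos(2 * math.pi * b * n / N + phase[b]) for b, a in tones.items())
            + rng.gauss(0.0, NOISE_STD) for n in range(N)]


def magnitude_spectrum(x):
    """One-sided DFT magnitudes (plain O(N^2) DFT so the example needs no numpy)."""
    return [math.hypot(sum(x[n] * COS[k][n] for n in range(N)),
                       sum(x[n] * SIN[k][n] for n in range(N))) for k in BINS]


def observe(rng, state="clean"):
    """Average K window spectra; integrating over time is what makes weak tones visible."""
    spectra = [magnitude_spectrum(capture_window(rng, state)) for _ in range(K)]
    return [sum(col) / K for col in zip(*spectra)]


class EmFingerprint:
    """Per-bin mean/std of clean emissions plus an alarm threshold on the max |z| score."""

    def __init__(self, clean_obs, sigma=6.0):
        cols = list(zip(*clean_obs))
        self.mean = [sum(c) / len(c) for c in cols]
        self.std = [math.sqrt(sum((v - m) ** 2 for v in c) / (len(c) - 1)) + 1e-9
                    for c, m in zip(cols, self.mean)]
        scores = [self.score(o) for o in clean_obs]
        mu = sum(scores) / len(scores)
        sd = math.sqrt(sum((s - mu) ** 2 for s in scores) / (len(scores) - 1))
        self.threshold = mu + sigma * sd    # from clean data only; sigma trades FPR for sensitivity

    def score(self, obs):
        """Largest per-bin deviation from the clean baseline, in standard deviations."""
        return max(abs(v - m) / s for v, m, s in zip(obs, self.mean, self.std))

    def is_tampered(self, obs):
        return self.score(obs) > self.threshold


def evaluate(model, clean_obs, trojan_obs):
    """Accuracy, false-positive rate and detection rate over labelled observations."""
    false_pos = sum(model.is_tampered(o) for o in clean_obs)
    true_pos = sum(model.is_tampered(o) for o in trojan_obs)
    total = len(clean_obs) + len(trojan_obs)
    return {"accuracy": (true_pos + len(clean_obs) - false_pos) / total,
            "fpr": false_pos / len(clean_obs),
            "detection": true_pos / len(trojan_obs)}


def run_demo(seed=1, n_train=200, n_test=100):
    """Train on clean captures, then score held-out clean, engaged and dormant captures."""
    rng = random.Random(seed)
    model = EmFingerprint([observe(rng, "clean") for _ in range(n_train)])
    clean_test = [observe(rng, "clean") for _ in range(n_test)]
    return {state: evaluate(model, clean_test, [observe(rng, state) for _ in range(n_test)])
            for state in ("engaged", "dormant")}


if __name__ == "__main__":
    for state, m in run_demo().items():
        print(f"{state:8s} accuracy={m['accuracy']:.3f} "
              f"fpr={m['fpr']:.3f} detection={m['detection']:.3f}")
```

Two design points carry over to a real deployment. The baseline and the alarm threshold are fitted on clean captures only, so the monitor needs no knowledge of the trojan and no software on the target, which is the property Keromytis describes; the cost is that the threshold sets the false-positive budget directly, and in practice it would be tuned on a held-out clean set rather than a fixed sigma. The number of averaged windows K is the integration time: the dormant (structural) signature is far weaker than the engaged one and only separates from the noise floor once enough captures are averaged, which is the same latency-versus-sensitivity trade that a "detect within one second" requirement imposes.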

Although they did most of the work on the FPGA, the team did proof-of-concept work on a variety of systems such as cellular infrastructure devices, embedded microcontrollers, and hard drives. "In most cases we didn't even need to remove the enclosure" to pick up a usable electromagnetic signature, said Keromytis.

Now that the initial DARPA work is done, Aether Argus is working on commercialization. One important application is defending the supply chain for 5G infrastructure by spotting counterfeits and hacked systems, Keromytis said.

The Conversation (1)

Michael Stricker, 04 Nov, 2021

This is old news. This type of work was done in the mid 1980's.
