Embedded devices, such as programmable logic controllers (PLCs) and Internet of Things (IoT) devices, are becoming targets of malware attacks with increasing frequency and catastrophic results. Physical side-channel analysis is one way to monitor a device without accessing its software and, thus, without imposing on its resources. In this article, we present a tutorial-level discussion about detecting anomalies in embedded devices during code execution using side-channel analysis. We provide the necessary background on side-channel analysis and detail the important phases of side-channel-based monitoring in existing approaches. We further provide experimental results of electromagnetic (EM)-emanation and power-consumption side channels. We expect that this article will enable signal processing researchers to better understand the issues involved in extracting side-channel signals, determine how these signals are related to the code, and leverage them for air-gapped intrusion detection. We hope that this understanding will inspire new research on side-channel modeling and characterization.
All Science Journal Classification (ASJC) codes
- Signal Processing
- Electrical and Electronic Engineering
- Applied Mathematics