03:32 GMT01 December 2020
Listen Live
    Get short URL

    Sound waves can be used to hack devices such as mobile phones or self-driving cars, Timothy Trippel, a researcher at the University of Michigan, told Radio Sputnik.

    Sound waves can be used to hack into the vital sensors used in a wide range of everyday electronic devices, researchers at the University of Michigan have found.

    The discovery calls into question a long-held assumption among computer scientists that software can automatically trust hardware sensors.

    The sensors in question are known as capacitive MEMS accelerometers, which measure the rate of change in an object's speed in three dimensions. 

    The researchers identified the resonant frequencies of 20 different accelerometers from five different manufacturers. They targeted the chips with precisely tuned acoustic tones that tricked them into decoding the sounds as false sensor readings. 

    The chips then delivered false information about movement which never occurred to the device's microprocessor.

    The method doesn't allow would-be hackers to access information in a system, but it could be used to hijack control of an autonomous system, Timothy Trippel, one of the researchers on the project, told Radio Sputnik.

    "Spoofing those measurements, you can potentially control the behavior of a larger system, such as an RC or a fitbit, or maybe even an automobile or a truck," Trippel said.

    "These devices are some of the most ubiquitous sensors in the world and they are used in automobiles, air bag deployment systems, even some implantable medical devices and avionic control systems," he explained.

    However, Trippel said it is unlikely that would-be hackers could gain full control of a system simply by using soundwaves to hijack it.

    "There is potential to spoof those centers, but it is probably somewhat unlikely that you will be able to gain full control of a system like that, because they are many other sensors that are delivering data that drives these autonomous systems or devices."

    "You have to be able to spoof all the sensors, which might be somewhat unlikely. That's good, because we don't want our systems to completely fall apart due to one sensor malfunction."

    Machines vulnerable to this kind of hacking include self-driving cars or airbag deployment systems. These are known as cyber-physical systems, which have pieces of software that autonomously make decisions based on environmental signals they perceive.

    In their research paper, called "WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attack," Trippel and his colleagues outline some defenses manufacturers can put in place to prevent this kind of hacking.

    "We have a couple of different mechanisms. Obviously, the best way to do it is to redesign your hardware with these security vulnerabilities in mind. However, that's not always possible because these devices are deployed in many systems throughout the world. So, for that we've developed a couple of software defense mechanisms that attempt to filter out the acoustic noise from the acceleration signal."

    The most immediate implication of the research is the potential for dangerous hacking of devices. However, the discovery may also offer a new way to transmit data in a cyber-physical system.

    "This does present an actual channel to transmit information, which could be very useful, but we are still undergoing preliminary experiments on that technology," Trippel said.

    Have you heard the news? Sign up to our Telegram channel and we'll keep you up to speed! 

    chip, computer science, computer, University of Michigan, Michigan
    Community standardsDiscussion