View article
IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT Open
With the rapid growth of the Internet-of-Things (IoT), concerns about the\nsecurity of IoT devices have become prominent. Several vendors are producing\nIP-connected devices for home and small office networks that often suffer from\nflawed…
View article
Unpacking the Black Box: Applications and Considerations for Using GPS Devices in Sport Open
Athlete-tracking devices that include global positioning system (GPS) and microelectrical mechanical system (MEMS) components are now commonplace in sport research and practice. These devices provide large amounts of data that are used to …
View article
Wearable Sleep Technology in Clinical and Research Settings Open
The accurate assessment of sleep is critical to better understand and evaluate its role in health and disease. The boom in wearable technology is part of the digital health revolution and is producing many novel, highly sophisticated and r…
View article
IoT Privacy and Security Challenges for Smart Home Environments Open
Often the Internet of Things (IoT) is considered as a single problem domain, with proposed solutions intended to be applied across a wide range of applications. However, the privacy and security needs of critical engineering infrastructure…
View article
Towards Automated Dynamic Analysis for Linux-based Embedded Firmware Open
Commercial-off-the-shelf (COTS) network-enabled embedded devices are usually controlled by vendor firmware to perform integral functions in our daily lives.For example, wireless home routers are often the first and only line of defense tha…
View article
IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing Open
With more IoT devices entering the consumer market, it becomes imperative to detect their security vulnerabilities before an attacker does.Existing binary analysis based approaches only work on firmware, which is less accessible except for…
View article
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing Open
In this paper, we explore a new, yet critical, side-channel attack against Intel Software Guard Extension (SGX), called a branch shadowing attack, which can reveal fine-grained control flows (i.e., each branch) of an enclave program runnin…
View article
SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems Open
Hundreds of millions of mobile devices worldwide rely on Trusted Execution Environments (TEEs) built with Arm TrustZone for the protection of security-critical applications (e.g., DRM) and operating system (OS) components (e.g., Android ke…
View article
A review of open source ventilators for COVID-19 and future pandemics Open
Coronavirus Disease 2019 (COVID-19) threatens to overwhelm our medical infrastructure at the regional level causing spikes in mortality rates because of shortages of critical equipment, like ventilators. Fortunately, with the recent develo…
View article
FANN-on-MCU: An Open-Source Toolkit for Energy-Efficient Neural Network Inference at the Edge of the Internet of Things Open
The growing number of low-power smart devices in the Internet of Things is coupled with the concept of 'edge computing' that is moving some of the intelligence, especially machine learning, toward the edge of the network. Enabling machine …
View article
Secure Internet of Things (IoT)-Based Smart-World Critical Infrastructures: Survey, Case Study and Research Opportunities Open
The widespread adoption of the Internet of Things (IoT) technologies has drastically increased the breadth and depth of attack surfaces in networked systems, providing new mechanisms for the intrusion. In the context of smart-world critica…
View article
Recommendations for processing atmospheric attenuated backscatter profilesfrom Vaisala CL31 ceilometers Open
Ceilometer lidars are used for cloud base height detection, to probe aerosol layers in the atmosphere (e.g. detection of elevated layers of Saharan dust or volcanic ash), and to examine boundary layer dynamics. Sensor optics and acquisitio…
View article
A Review of Cyber–Physical Security for Photovoltaic Systems Open
In this paper, the challenges and a future vision of the cyber-physical security of photovoltaic (PV) systems are discussed from a firmware, network, PV converter controls, and grid security perspective. The vulnerabilities of PV systems a…
View article
Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check Open
While the IoT deployments multiply in a wide variety of verticals, the most IoT devices lack a built-in secure firmware update mechanism. Without such a mechanism, however, critical security vulnerabilities cannot be fixed, and the IoT dev…
View article
The QICK (Quantum Instrumentation Control Kit): Readout and control for qubits and detectors Open
We introduce a Xilinx RF System-on-Chip (RFSoC)-based qubit controller (called the Quantum Instrumentation Control Kit, or QICK for short), which supports the direct synthesis of control pulses with carrier frequencies of up to 6 GHz. The …
View article
Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware Open
Low-power, single-purpose embedded devices (e.g., routers and IoT devices) have become ubiquitous. While they automate and simplify many aspects of users' lives, recent large-scale attacks have shown that their sheer number poses a severe …
View article
Ethical hacking for IoT: Security issues, challenges, solutions and recommendations Open
In recent years, attacks against various Internet-of-Things systems, networks, servers, devices, and applications witnessed a sharp increase, especially with the presence of 35.82 billion IoT devices since 2021; a number that could reach u…
View article
Bluetooth 5.1: An Analysis of Direction Finding Capability for High-Precision Location Services Open
This paper presents an in-depth overview of the Bluetooth 5.1 Direction Finding standard’s potentials, thanks to enhancing the Bluetooth Low Energy (BLE) firmware. This improvement allows producers to create location applications based on …
View article
Durability of smartphones: A technical analysis of reliability and repairability aspects Open
Smartphones are available on the market with a variety of design characteristics and purchase prices. Recent trends show that their replacement cycle has become on average shorter than two years, which comes with environmental impacts that…
View article
A review of open source ventilators for COVID-19 and future pandemics Open
Coronavirus Disease 2019 (COVID-19) threatens to overwhelm our medical infrastructure at the regional level causing spikes in mortality rates because of shortages of critical equipment, like ventilators. Fortunately, with the recent develo…
View article
An Analysis of Pre-installed Android Software Open
The Android Open Source Project (AOSP) was first released by Google in 2008 and \nhas since become the most used operating system [Andaf]. Thanks to the openness \nof its source code, any smartphone vendor or original equipment manufacture…
View article
On Code Execution Tracking via Power Side-Channel Open
With the proliferation of Internet of Things, there is a growing interest in embedded system attacks, e.g., key extraction attacks and firmware modification attacks. Code execution tracking, as the first step to locate vulnerable instructi…
View article
Benchmarking the Orbitrap Tribrid Eclipse for Next Generation Multiplexed Proteomics Open
The rise of sample multiplexing in quantitative proteomics for the dissection of complex phenotypic comparisons has been advanced by the development of ever more sensitive and robust instrumentation. Here, we evaluated the utility of the O…
View article
ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices Open
Secure firmware update is an important stage in the IoT device life-cycle.\nPrior techniques, designed for other computational settings, are not readily\nsuitable for IoT devices, since they do not consider idiosyncrasies of a\nrealistic l…
View article
{HALucinator}: Firmware Re-hosting Through Abstraction Layer Emulation Open
Given the increasing ubiquity of online embedded devices, analyzing their firmware is important to security, privacy, and safety. The tight coupling between hardware and firmware and the diversity found in embedded systems makes it hard to…
View article
FirmUSB Open
The USB protocol has become ubiquitous, supporting devices from high-powered\ncomputing devices to small embedded devices and control systems. USB's greatest\nfeature, its openness and expandability, is also its weakness, and attacks such\…
View article
Over-the-Air Software Updates in the Internet of Things: An Overview of Key Principles Open
Due to the fast pace at which IoT is evolving, there is an increasing need to support over-theair software updates for security updates, bug fixes, and software extensions. To this end, multiple over-the-air techniques have been proposed, …
View article
Implications of Malicious 3D Printer Firmware Open
The utilization of 3D printing technology within the manufacturing process creates an environment that is potentially conducive to malicious activity. Previous research in 3D printing focused on attack vector identification and intellectua…
View article
Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms Open
A smart home connects tens of home devices to the Internet, where an IoT cloud runs various home automation applications. While bringing unprecedented convenience and accessibility, it also introduces various security hazards to users. Pri…
View article
Fast inference of Boosted Decision Trees in FPGAs for particle physics Open
We describe the implementation of Boosted Decision Trees in the hls4ml library, which allows the translation of a trained model into FPGA firmware through an automated conversion process. Thanks to its fully on-chip implementation, hls4ml …