PRESENTATION: How to Fool an ADC, Part II or Hiding Destruction of Turbine with a Little Help of Signal Processing
PRESENTER(S): Gabriel Gonzalez, Principal Security Consultant for IOActive
CONFERENCE:
LOCATION: Business Design Center, Room DEFG, London, UK
DATE & TIME: November 3, 2016 at 12:30 PM

ADCs (analog-to-digital converters) are small integrated circuits (ICs) that transform physical variables (amperage or voltage) into bytes in order to connect the worlds of analog and digital. Those bytes are then interpreted by most modern systems to initiate an appropriate or desired action. Accurate interpretation of the data is therefore important, especially in critical embedded and industrial control systems (ICS), as a wrong interpretation could create unsafe or even catastrophic conditions.
Consider an ADC that monitors the state of an important analog process (e.g., an industrial controller sending analog signals to a motor to change its speed). The ADC could be inside a safety system that shuts down the motor if an incorrect signal value is received. But what if it were possible to generate an analog signal deliberately crafted to be misinterpreted by the safety system?
If an attacker generated such a signal, it could cause serious damage to the industrial actuators, including completely destroying a turbine, or have other serious consequences for the integrity of the system and facility.
In this talk we will present different types of attacks that could be used against electronic components with poorly implemented hardware security design. The focus will be on popular sigma-delta ADCs and will include different exploit signals for real off-the-shelf components.
About Gabriel Gonzalez Garcia
Gabriel Gonzalez Garcia is a Principal Security Consultant at IOActive with more than 13 years of experience in development and security of embedded systems. From network equipment to satellite communications, Gabriel has actively exploited numerous vulnerabilities in a variety of software and hardware systems. Recently he has specialized in industrial equipment with a particular emphasis on smart grid environments.
About IOActive
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.