Protecting Analog Sensor Security (alt: Sending Mixed Signals on IoT Cybersecurity)

Date and time: 
Thursday, November 9, 2017 - 15:30
220 Deschutes
Kevin Fu
University of Michigan
  • Jun Li, CIS


Why are undergraduates taught to hold the digital abstraction as sacrosanct and unquestionable?  Why do microprocessors blindly trust input from sensors, and what can be done to establish trust in unusual input channels in cyberphysical systems? Risks of analog sensor cybersecurity pose challenges to autonomous vehicles, medical devices, and the Internet of Things. Analog cybersecurity can also reduce risks by detecting an adversary via the physics of computation. Analog cybersecurity builds upon classic research in fault injection and side channels. Based on results on intentional RF interference on sensors by Foo Kune et al. [Ghost Talk, IEEE S&P], intentional acoustic interference on MEMS accelerometers by Trippel et al. [Walnut, IEEE Euro S&P], and related work, I will demonstrate the implications of unintentional demodulation in feedback control systems ranging from fitbits to implantable medical devices to drones and phones. More important, I will explain how to rethink the computing stack from electrons to bits to design out security risks that bubble up from physics into the operating system. This work brings some closure to my curiosity on why my cordless phone would ring whenever I executed certain memory operations on the video graphics chip of an Apple IIGS.


Kevin is Associate Professor in EECS at the University of Michigan where he directs the Security and Privacy Research Group ( and the Archimedes Center for Medical Device Security. He was named a Sloan Research Fellow, MIT Technology Review TR35 Innovator of the Year, and Fed100 Award recipient. He received best paper awards from USENIX Security, IEEE S&P, and ACM SIGCOMM. Fu has testified in the House and Senate on matters of information security and has written commissioned work on trustworthy medical device software for the National Academy of Medicine. He is a member the Computing Community Consortium Council and ACM Committee on Computers and Public Policy. Kevin previously served as program chair of USENIX Security, a member of the NIST Information Security and Privacy Advisory Board, and a visiting scientist at the Food & Drug Administration. Fu received his B.S., M.Eng., and Ph.D. from MIT. He earned a certificate of artisanal bread making from the French Culinary Institute.