Stealthy Information Leakage through Peripheral Exploitation in Modern Embedded Systems

Dimitrios Tychalas, Anastasis Keliris, Michail Maniatakos

Research output: Contribution to journalArticlepeer-review


Embedded systems are being aggressively integrated in every aspect of modern life, with uses ranging from personal devices to devices deployed in critical systems, such as autonomous vehicles, aircrafts, and industrial control systems. Embedded systems handle sensitive information, which can be potentially exposed leveraging their poor security posture. In this paper, we present a novel attack vector that automates stealthy information leakage from modern embedded systems. Specifically, we leverage the Device Tree, a data structure that describes the hardware profile of a system, to extract detailed information about the target system. Utilizing this information, we introduce a stealthy attack that attempts to bridge the air-gap by transferring data from memory directly to analog peripherals. The attack resides solely in the peripherals, completely transparent to the main CPU, by judiciously short-circuiting specific components. We implement this attack on a commercial Programmable Logic Controller (PLC), leaking information over the available LEDs. We evaluate the presented attack vector in terms of stealthiness, and we demonstrate no observable overhead on both CPU performance and DMA transfer speed. Furthermore, we propose a generalized defense scheme for peripheral exploitation attacks by establishing a hardware root of trust through JTAG debugging. Our methodology keeps track of peripheral traffic through JTAG-enabled monitoring, alerts the system for possible malicious behavior and handles the threat removal. We test our defense in terms of imposed performance overhead and overall potency, achieving solid detection of the underlying attack at a low performance cost.

Original languageEnglish (US)
Article number9091580
Pages (from-to)308-318
Number of pages11
JournalIEEE Transactions on Device and Materials Reliability
Issue number2
StatePublished - Jun 2020


  • Embedded systems security
  • JTAG
  • device tree
  • direct memory access

ASJC Scopus subject areas

  • Electronic, Optical and Magnetic Materials
  • Safety, Risk, Reliability and Quality
  • Electrical and Electronic Engineering


Dive into the research topics of 'Stealthy Information Leakage through Peripheral Exploitation in Modern Embedded Systems'. Together they form a unique fingerprint.

Cite this