A Security Perspective on Battery Systems of the Internet of Things

Battery (sub)systems are used in many systems (systems-of-systems) in the Internet of Things (IoT) ranging from everyday ones (e.g., mobile systems, home appliances, etc.) to safety-critical and/or mission-critical ones (e.g., electrical vehicles, unmanned aerial vehicles, autonomous underwater vehicles, etc.). As these systems become more interconnected with each other and their environments and batteries become more energy dense, the safety risks of using batteries increase. To guarantee effectiveness and prevent potential safety threats (i.e., failure, overheating, explosion), it is not only crucial to ensure that batteries are functioning correctly (via safety circuits and battery management system), but to also prevent security threats that specifically target the battery system from different parts of these systems. A security analysis is necessary for system manufacturers and users to understand what threats and solutions exist for battery system security. In this paper, we present a security perspective on battery systems, where we use a layered approach to analyze vulnerabilities, threats, and potential effects. We divide the battery system into the Physical, Battery Management System, and Application layers and use mobile systems and cyber-physical systems as case studies for IoT applications. We then highlight and discuss some existing solutions and mention the potential research directions on battery system security.

[1]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[2]  Dennis Sylvester,et al.  A2: Analog Malicious Hardware , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[3]  Michael S. Hsiao,et al.  Denial-of-service attacks on battery-powered mobile computers , 2004, Second IEEE Annual Conference on Pervasive Computing and Communications, 2004. Proceedings of the.

[4]  Hao Chen,et al.  Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery , 2006, 2006 Securecomm and Workshops.

[5]  Davide Andrea,et al.  Battery Management Systems for Large Lithium Ion Battery Packs , 2010 .

[6]  Alan Millner,et al.  Modeling Lithium Ion battery degradation in electric vehicles , 2010, 2010 IEEE Conference on Innovative Technologies for an Efficient and Reliable Electricity Supply.

[7]  Mike Eichhorn,et al.  Enabling Computation Intensive Applications in Battery-Operated Cyber-Physical Systems , 2012, MARC Symposium.

[8]  Shriram Santhanagopalan,et al.  State of charge estimation using an unscented filter for high power lithium ion cells , 2010 .

[9]  Samuel P. Midkiff,et al.  On death, taxes, and sleep disorder bugs in smartphones , 2013, HotPower '13.

[10]  Alfredo De Santis,et al.  Multimedia-based battery drain attacks for Android devices , 2014, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC).

[11]  S. Devadas,et al.  PUF-Based Random Number Generation , 2004 .

[12]  Wenyuan Xu,et al.  Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study , 2010, USENIX Security Symposium.

[13]  Scott D. Applegate The dawn of Kinetic Cyber , 2013, 2013 5th International Conference on Cyber Conflict (CYCON 2013).

[14]  Joseph G. Tront,et al.  Effects of Wi-Fi and Bluetooth Battery Exhaustion Attacks on Mobile Devices , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[15]  Donghwa Shin,et al.  Thermal management of batteries using a hybrid supercapacitor architecture , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[16]  Jaw-Kuen Shiau,et al.  Design of a Solar Power Management System for an Experimental UAV , 2009, IEEE Transactions on Aerospace and Electronic Systems.

[17]  Naehyuck Chang,et al.  A Statistical Model-Based Cell-to-Cell Variability Management of Li-ion Battery Pack , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[18]  Claude Castelluccia,et al.  The Leaking Battery - A Privacy Analysis of the HTML5 Battery Status API , 2015, DPM/QASA@ESORICS.

[19]  Xianguo Li,et al.  Thermal management of lithium‐ion batteries for electric vehicles , 2013 .

[20]  James R. Morrison,et al.  Automatic Battery Replacement System for UAVs: Analysis and Design , 2011, Journal of Intelligent & Robotic Systems.

[21]  Mohammad Abdullah Al Faruque,et al.  Eco-Friendly Automotive Climate Control and Navigation System for Electric Vehicles , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[22]  Farinaz Koushanfar,et al.  A Survey of Hardware Trojan Taxonomy and Detection , 2010, IEEE Design & Test of Computers.

[23]  Yih-Chun Hu,et al.  Insider-Attacks on Physical-Layer Group Secret-Key Generation in Wireless Networks , 2017, 2017 IEEE Wireless Communications and Networking Conference (WCNC).

[24]  Mohammad Abdullah Al Faruque,et al.  Modeling, analysis, and optimization of Electric Vehicle HVAC systems , 2016, 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC).

[25]  M. Paolone,et al.  A Microcontroller-Based Power Management System for Standalone Microgrids With Hybrid Power Supply , 2012, IEEE Transactions on Sustainable Energy.

[26]  정재식,et al.  A Multiscale Framework with Extended Kalman Filter for Lithium-Ion Battery SOC and Capacity Estimation , 2011 .

[27]  Mohammad Abdullah Al Faruque,et al.  Battery lifetime-aware automotive climate control for Electric Vehicles , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[28]  Jianqiu Li,et al.  A review on the key issues for lithium-ion battery management in electric vehicles , 2013 .

[29]  Mohammad Abdullah Al Faruque,et al.  Battery-aware energy-optimal Electric Vehicle driving management , 2015, 2015 IEEE/ACM International Symposium on Low Power Electronics and Design (ISLPED).

[30]  Ayan Banerjee,et al.  Ensuring Safety, Security, and Sustainability of Mission-Critical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[31]  Randy C. Marchany,et al.  Using Battery Constraints within Mobile Hosts to Improve Network Security , 2006, IEEE Security & Privacy.

[32]  Luca Fanucci,et al.  Batteries and battery management systems for electric vehicles , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[33]  Thomas Peyrin,et al.  Security challenges in automotive hardware/software architecture design , 2013, 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[34]  Michael S. Hsiao,et al.  Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[35]  B. Saha,et al.  Designing Data-Driven Battery Prognostic Approaches for Variable Loading Profiles : Some Lessons Learned , 2012 .

[36]  Mark Mohammad Tehranipoor,et al.  Counterfeit Integrated Circuits: Detection, Avoidance, and the Challenges Ahead , 2014, J. Electron. Test..

[37]  Mohammad Abdullah Al Faruque,et al.  OTEM: Optimized Thermal and Energy Management for Hybrid Electrical Energy Storage in Electric Vehicles , 2016, 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[38]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[39]  Stephan Engels Counterfeiting and piracy: the industry perspective , 2010 .

[40]  Hao Wu,et al.  Controlling UAVs with Sensor Input Spoofing Attacks , 2016, WOOT.

[41]  Kim Hartmann,et al.  The vulnerability of UAVs to cyber attacks - An approach to the risk assessment , 2013, 2013 5th International Conference on Cyber Conflict (CYCON 2013).