TATER: Tamper Analysis via Transient Electromagnetic Response

TATER will be a tamper analysis system for monitoring deterministic programs and detecting unauthorized modifications by collecting and comparing electromagnetic emanations from the target processor. Its declared purpose is to prevent changes from being made to IOT devices.

Background
Sometimes, it is impractical to physically modify a system in order to monitor it. The goal of TATER is to assess whether the code of a system has been changed without actually modifying the system it is monitoring, using electromagnetic signals emanating from the processor.

Specifications
Our product should not require modification of the target system. It should be sensitive enough to detect relatively small changes in the boot code but flexible enough to allow multiple configurations. It should be possible to update the monitoring system to continue correctly characterizing the boot code if it is updated. Analysis should take no longer than a couple of minutes.

Alternatives and Decisions
We considered using an FPGA to process signals, but ultimately decided that the best choice for research and development purposes would be to use Linux on a laptop. This is a diagram of our setup design:



Design Strategy
Our strategy is to design an antenna to pick up electromagnetic signals emanating from a processor and analyze peaks in the frequency compared with an established baseline to identify modifications in the boot code. Various statistical analysis techniques may be of use in pursuing this goal.

Implementation and Testing
So far, we have been using a probe and an oscilloscope to collect readings from the target processor.

Meeting Minutes






















Presentations and Monthly Status Reports