Sensors are embedded in security-critical applications from medical devices
to nuclear power plants, but their outputs can be spoofed through
electromagnetic and other types of signals transmitted by attackers at a
distance. To address the lack of a unifying framework for evaluating the
effects of such transmissions, we introduce a system and threat model for
signal injection attacks. We further define the concepts of existential,
selective, and universal security, which address attacker goals from mere
disruptions of the sensor readings to precise waveform injections. Moreover, we
introduce an algorithm which allows circuit designers to concretely calculate
the security level of real systems. Finally, we apply our definitions and
algorithm in practice using measurements of injections against a smartphone
microphone, and analyze the demodulation characteristics of commercial
Analog-to-Digital Converters (ADCs). Overall, our work highlights the
importance of evaluating the susceptibility of systems against signal injection
attacks, and introduces both the terminology and the methodology to do so.Comment: This article is the extended technical report version of the paper
presented at ESORICS 2019, 24th European Symposium on Research in Computer
Security (ESORICS), Luxembourg, Luxembourg, September 201