Exploring Power Fuzzing in Embedded Systems: Architecture, Challenges, and Enhancements
Date
2024-08-14
Advisor
Fischmeister, Sebastian
Publisher
University of Waterloo
Abstract
Embedded Systems (ES) are becoming increasingly prevalent across various industries, playing an important role in everything from critical infrastructure to consumer electronics. However, their resource-constrained nature and complex interactions with the physical world make them susceptible to security vulnerabilities. Fuzzing, a technique that feeds random or mutated data to a program to uncover software bugs and vulnerabilities, has emerged as a powerful tool for improving embedded system security.
This thesis explores the concept of power fuzzing, a specialized fuzzing approach that focuses on capturing variations in the power consumption of the Target System (TS) as feedback. We examine the power fuzzing structure, highlighting the different events triggered during fuzzing and the inherent variability associated with these events. The thesis also addresses challenges in data capture and the limitations of the Target System (TS).
Furthermore, this thesis proposes two enhancements to improve the effectiveness of power fuzzing architectures: (1) Hardware Trigger and (2) Profile and Fine-Tune (PnFT) Approach. These enhancements aim to address the aforementioned challenges and contribute to a more robust security testing methodology for Embedded Systems (ES).
Keywords
embedded systems, fuzzing, power fuzzing, security vulnerabilities, side-channel analysis, robust security testing