University of Oxford Logo University of OxfordDepartment of Computer Science - Home
Linked in
Linked in
Follow us on twitter
On Facebook

Mini Projects

These projects are meant to be small introductions to a topic, although they are rich enough to be develloped into a thesis project if desired.

Project 1: Remote Attestation Platform Modelling


Remote Attestation is the process of verifying the internal state of device, typically an embedded system, across a network. The verification must be done in such a way as to make it impossible for the device to cheat, even if it has been infected with, and is currently running, malicious code. Research into this type of runtime verification is motivated by the need to prevent SCADA- and industrial control systems falling victim to targeted malicious code.

This project is theoretical in nature. It aims to model an embedded system, and through the model argue about the minimal hardware requirements necessary to support the functionality required by Remote Attestation. A mathematical background as well as a bit of exposure to embedded systems will be helpful in order to complete this project.

Project 2: Building a Testbed for Adversarial EMI Experiments


Embedded systems, or cyber-physical systems, consists of a micro controller and various forms of interaction with the physical world. Such systems permeate every aspect of modern life. They are used in anything from modern cars where embedded systems manage breaking, power steering, engine performance, etc.; to factory control systems where such systems control sensors and actuators as well as the flow of diagnostic information.

Any embedded system that wishes to control or measure something, must by necessity have a sensor or an actuator attached as a peripheral element. Sensors come in many different varieties but most are "dumb" devices that convert the quantity they are supposed to sense, into an analog electrical signal that can be processed by a microcontroller. Such sensors are vulnerable to attack. This project aims to build a test platform and explore what types of adversarial signals work best to achieve specific results in an embedded system.

As an example consider a microphone measuring sound. A (condenser) microphone consists of a diaphragm which acts as one plate of a capacitor, and the sound vibrations produce changes in the distance between the plates. The voltage maintained across the capacitor plates thus changes with the vibrations in the air. There is no way for the microphone itself to authenticate the signal coming out of it. The signal is simply the result of a physical process, and the microcontroller has no choice but to consider what ever comes from the microphone as authentic. This means that such an embedded system could be fooled into believing that sound was being recorded by the microphone, while in fact the "audio signal" was being induced using (inaudible) radio waves from (potentially) far away. Due to that lack of authentication, the microcontroller has no way of differentiating between a signal generated by the attached microphone and one induced by adversarial electromagnetic interference (EMI). The fact that this can be done from far away, only make the problem more serious and potentially more damaging, since an attacker can have a large circle of influence.