IEEE Consumer Electronics Magazine - March/April 2020 - 21

and taking compromising pictures and videos of
the individuals (e.g., using the camera and
speaker features in compromised devices such
as smart TVs).
Vulnerabilities and Countermeasures: Generally, in boot process hijacking, an attacker
attempts to break the normal boot process of a
device by exploiting any vulnerability in its boot
path, to replace the actual boot images with customized boot images. Due to lack of any integrity
check on the type of images being loaded into
ROM, the attacker could exploit the DFU feature
of the thermostat to boot from a USB device. The
attacker could further install malicious software
into the device gaining remote access of the
device and enter into the home network. To mitigate this attack, a chain-of-trust based secure
boot can be established if there are adequate
authentication mechanisms right from the initial
run of the code.8 This calls for a replacement of
the in-built processors with custom hardware to
facilitate secure boot support.
Lack of integrity check on the software images
being loaded into the device, and insecure software application programming interfaces (APIs)
and hardware interfaces, are some of the sources
of such attacks against the IoT devices. IoT devices may provide insecure APIs that are used by
application developers and other users to connect and communicate with them; thus, increasing the risk of malicious code injection attacks
from unauthorized entities. Well known best
practices for securing API endpoints such as
input validation, IP address filtering, etc., can be
applied to safeguard against such attacks.

Unauthorized Access
An attacker can gain unauthorized access to
an IoT system/device in many different ways
ranging from exploiting hardware/software vulnerabilities to illegal login attempts. The following case study on Tesla Model S describes one
way to carry out such an attack.
Attack and Consequences: Tesla service centers and charging stations are equipped with
TeslaService WiFi SSID. The credentials to access
them are stored in QtCarBrowser (Tesla's web
browser) as part of the autoconnect feature. By
faking this SSID, the attackers redirected the traffic from the browser to their domain.9

March/April 2020

QtWebkit=2:2x, the browser engine used by
Tesla's browser was found to contain a number
of software bugs, which were exploited by the
attackers to read/write arbitrary memory
addresses and to execute arbitrary code for gaining stable access to the shell. Once root access
was obtained, they disabled the Linux security
module, AppArmor. Gateway is one of the engine
control units (ECUs) present inside the vehicle's
communication network which is responsible
for passing control commands to other ECUs.
The attackers bypassed the Gateway firmware
integrity verification via an insecure token to
obtain privileged access to the Gateway shell
and programmed their customized firmware.
Intelligent and connected vehicles (ICV) such as
Tesla Model S are equipped with wireless communication technologies that allow vehicles to communicate with each other and with the roadside
infrastructure. As the number and range of cyber
interfaces within ICVs increase, there is also a corresponding increase in the attack vectors and security risks. The consequences of vulnerability can
be costly. In 2015, for example, Chrysler recalled
1.4 million vehicles and incurred significant financial losses due to the reported security flaws.
Vulnerabilities and Countermeasures: Several
security vulnerabilities were discovered in the
Tesla Model S, which allowed the attacker to
remotely take over the vehicle in both standby
and driving modes. First, since there were no
mechanisms implemented in the browser to avoid
memory leaks, the memory locations for binary
read/write were exposed. The AppArmor module
can be strengthened to disallow kernel address
leakage by mandatory size check, and privileged
folders can be made inaccessible in the browser
context by stringent access rules. Furthermore,
the access checks for modifying the privileged
user rights were also missing in the current version of the Linux kernel distribution used by Tesla.
Many of the above kernel security vulnerabilities
(CVE-2015-1805, CVE-2016-5195, etc.) are known
common vulnerabilities and exposures (CVEs) at
the point of attack, and the patches available open
source can address this issue. Moreover, moving
to a newer Linux version would also improve kernel security.
IoT device manufacturers must ensure that
devices without continuous Internet access are

21



IEEE Consumer Electronics Magazine - March/April 2020

Table of Contents for the Digital Edition of IEEE Consumer Electronics Magazine - March/April 2020

Contents
IEEE Consumer Electronics Magazine - March/April 2020 - Cover1
IEEE Consumer Electronics Magazine - March/April 2020 - Cover2
IEEE Consumer Electronics Magazine - March/April 2020 - Contents
IEEE Consumer Electronics Magazine - March/April 2020 - 2
IEEE Consumer Electronics Magazine - March/April 2020 - 3
IEEE Consumer Electronics Magazine - March/April 2020 - 4
IEEE Consumer Electronics Magazine - March/April 2020 - 5
IEEE Consumer Electronics Magazine - March/April 2020 - 6
IEEE Consumer Electronics Magazine - March/April 2020 - 7
IEEE Consumer Electronics Magazine - March/April 2020 - 8
IEEE Consumer Electronics Magazine - March/April 2020 - 9
IEEE Consumer Electronics Magazine - March/April 2020 - 10
IEEE Consumer Electronics Magazine - March/April 2020 - 11
IEEE Consumer Electronics Magazine - March/April 2020 - 12
IEEE Consumer Electronics Magazine - March/April 2020 - 13
IEEE Consumer Electronics Magazine - March/April 2020 - 14
IEEE Consumer Electronics Magazine - March/April 2020 - 15
IEEE Consumer Electronics Magazine - March/April 2020 - 16
IEEE Consumer Electronics Magazine - March/April 2020 - 17
IEEE Consumer Electronics Magazine - March/April 2020 - 18
IEEE Consumer Electronics Magazine - March/April 2020 - 19
IEEE Consumer Electronics Magazine - March/April 2020 - 20
IEEE Consumer Electronics Magazine - March/April 2020 - 21
IEEE Consumer Electronics Magazine - March/April 2020 - 22
IEEE Consumer Electronics Magazine - March/April 2020 - 23
IEEE Consumer Electronics Magazine - March/April 2020 - 24
IEEE Consumer Electronics Magazine - March/April 2020 - 25
IEEE Consumer Electronics Magazine - March/April 2020 - 26
IEEE Consumer Electronics Magazine - March/April 2020 - 27
IEEE Consumer Electronics Magazine - March/April 2020 - 28
IEEE Consumer Electronics Magazine - March/April 2020 - 29
IEEE Consumer Electronics Magazine - March/April 2020 - 30
IEEE Consumer Electronics Magazine - March/April 2020 - 31
IEEE Consumer Electronics Magazine - March/April 2020 - 32
IEEE Consumer Electronics Magazine - March/April 2020 - 33
IEEE Consumer Electronics Magazine - March/April 2020 - 34
IEEE Consumer Electronics Magazine - March/April 2020 - 35
IEEE Consumer Electronics Magazine - March/April 2020 - 36
IEEE Consumer Electronics Magazine - March/April 2020 - 37
IEEE Consumer Electronics Magazine - March/April 2020 - 38
IEEE Consumer Electronics Magazine - March/April 2020 - 39
IEEE Consumer Electronics Magazine - March/April 2020 - 40
IEEE Consumer Electronics Magazine - March/April 2020 - 41
IEEE Consumer Electronics Magazine - March/April 2020 - 42
IEEE Consumer Electronics Magazine - March/April 2020 - 43
IEEE Consumer Electronics Magazine - March/April 2020 - 44
IEEE Consumer Electronics Magazine - March/April 2020 - 45
IEEE Consumer Electronics Magazine - March/April 2020 - 46
IEEE Consumer Electronics Magazine - March/April 2020 - 47
IEEE Consumer Electronics Magazine - March/April 2020 - 48
IEEE Consumer Electronics Magazine - March/April 2020 - 49
IEEE Consumer Electronics Magazine - March/April 2020 - 50
IEEE Consumer Electronics Magazine - March/April 2020 - 51
IEEE Consumer Electronics Magazine - March/April 2020 - 52
IEEE Consumer Electronics Magazine - March/April 2020 - 53
IEEE Consumer Electronics Magazine - March/April 2020 - 54
IEEE Consumer Electronics Magazine - March/April 2020 - 55
IEEE Consumer Electronics Magazine - March/April 2020 - 56
IEEE Consumer Electronics Magazine - March/April 2020 - 57
IEEE Consumer Electronics Magazine - March/April 2020 - 58
IEEE Consumer Electronics Magazine - March/April 2020 - 59
IEEE Consumer Electronics Magazine - March/April 2020 - 60
IEEE Consumer Electronics Magazine - March/April 2020 - 61
IEEE Consumer Electronics Magazine - March/April 2020 - 62
IEEE Consumer Electronics Magazine - March/April 2020 - 63
IEEE Consumer Electronics Magazine - March/April 2020 - 64
IEEE Consumer Electronics Magazine - March/April 2020 - 65
IEEE Consumer Electronics Magazine - March/April 2020 - 66
IEEE Consumer Electronics Magazine - March/April 2020 - 67
IEEE Consumer Electronics Magazine - March/April 2020 - 68
IEEE Consumer Electronics Magazine - March/April 2020 - 69
IEEE Consumer Electronics Magazine - March/April 2020 - 70
IEEE Consumer Electronics Magazine - March/April 2020 - 71
IEEE Consumer Electronics Magazine - March/April 2020 - 72
IEEE Consumer Electronics Magazine - March/April 2020 - 73
IEEE Consumer Electronics Magazine - March/April 2020 - 74
IEEE Consumer Electronics Magazine - March/April 2020 - 75
IEEE Consumer Electronics Magazine - March/April 2020 - 76
IEEE Consumer Electronics Magazine - March/April 2020 - 77
IEEE Consumer Electronics Magazine - March/April 2020 - 78
IEEE Consumer Electronics Magazine - March/April 2020 - 79
IEEE Consumer Electronics Magazine - March/April 2020 - 80
IEEE Consumer Electronics Magazine - March/April 2020 - 81
IEEE Consumer Electronics Magazine - March/April 2020 - 82
IEEE Consumer Electronics Magazine - March/April 2020 - 83
IEEE Consumer Electronics Magazine - March/April 2020 - 84
IEEE Consumer Electronics Magazine - March/April 2020 - 85
IEEE Consumer Electronics Magazine - March/April 2020 - 86
IEEE Consumer Electronics Magazine - March/April 2020 - 87
IEEE Consumer Electronics Magazine - March/April 2020 - 88
IEEE Consumer Electronics Magazine - March/April 2020 - 89
IEEE Consumer Electronics Magazine - March/April 2020 - 90
IEEE Consumer Electronics Magazine - March/April 2020 - 91
IEEE Consumer Electronics Magazine - March/April 2020 - 92
IEEE Consumer Electronics Magazine - March/April 2020 - 93
IEEE Consumer Electronics Magazine - March/April 2020 - 94
IEEE Consumer Electronics Magazine - March/April 2020 - 95
IEEE Consumer Electronics Magazine - March/April 2020 - 96
IEEE Consumer Electronics Magazine - March/April 2020 - 97
IEEE Consumer Electronics Magazine - March/April 2020 - 98
IEEE Consumer Electronics Magazine - March/April 2020 - 99
IEEE Consumer Electronics Magazine - March/April 2020 - 100
IEEE Consumer Electronics Magazine - March/April 2020 - 101
IEEE Consumer Electronics Magazine - March/April 2020 - 102
IEEE Consumer Electronics Magazine - March/April 2020 - 103
IEEE Consumer Electronics Magazine - March/April 2020 - 104
IEEE Consumer Electronics Magazine - March/April 2020 - 105
IEEE Consumer Electronics Magazine - March/April 2020 - 106
IEEE Consumer Electronics Magazine - March/April 2020 - 107
IEEE Consumer Electronics Magazine - March/April 2020 - 108
IEEE Consumer Electronics Magazine - March/April 2020 - 109
IEEE Consumer Electronics Magazine - March/April 2020 - 110
IEEE Consumer Electronics Magazine - March/April 2020 - 111
IEEE Consumer Electronics Magazine - March/April 2020 - 112
IEEE Consumer Electronics Magazine - March/April 2020 - 113
IEEE Consumer Electronics Magazine - March/April 2020 - 114
IEEE Consumer Electronics Magazine - March/April 2020 - 115
IEEE Consumer Electronics Magazine - March/April 2020 - 116
IEEE Consumer Electronics Magazine - March/April 2020 - Cover3
IEEE Consumer Electronics Magazine - March/April 2020 - Cover4
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20240102
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20231112
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20230910
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20230708
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20230506
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20230304
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20230102
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20221112
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20220910
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20220708
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20220506
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20220304
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20220102
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20211112
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20210910
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20210708
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20210506
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_20210304
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_202010
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_202009
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_202007
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_202004
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_202003
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_202001
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201910
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201909
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201907
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201905
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201903
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201901
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201811
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201809
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201807
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201805
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_201803
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_july2017
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_april2017
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_january2017
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_october2016
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_july2016
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_april2016
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_january2016
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_october2015
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_july2015
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_april2015
https://www.nxtbook.com/nxtbooks/ieee/consumerelectronics_january2015
https://www.nxtbookmedia.com