IEEE Consumer Electronics Magazine - May/June 2023 - 74

Analysis of Vulnerabilities
in Arduino-based design and development of electronic
systems.
The first stage of this research has been a literature
review, including scientific articles but also
technical reports and online information. It has
been done with Google Scholar using the terms
" arduino vulnerabilities, " " arduino security, " without
a temporal filter, obtaining 59 results. As not
many from these papers had the focus on arduino
vulnerabilities, we performed these searches
without quotes to get more results. As the results
were 9800 articles, we selected only those with relevant
terms in the title.
The second stage consisted of selecting the
Arduino boards in which to perform the security
analysis. Currently, a vast number of Arduino
devices can be found on the market. Thus, in
order to keep a focused goal, this study analyzed
a limited number of them, choosing good representatives
of the different kind of Arduino
devices (entry level, enhanced features, IoT-oriented,
nonofficial and with OS), as previously
mentioned in the introduction. Table 1 shows a
summary of the five selected boards with their
technical specifications.
For non-OS Arduino boards, one board has
been selected for each range: Uno (entry level),
Mega (enhanced), and MKR 1010 (IoT). Uno
board was chosen from the entry level because
it is the most used Arduino board.27 Mega has
been chosen among the enhanced devices
because of its versatility to be connected to
other devices as its I/O pins support 3.3 and 5 V.
The MKR1010 was selected because its Wi-Fi and
Bluetooth embedded connectivity make it a
good option to be used on IoT environments. As
a nonofficial Arduino device, Wemos D1R2 was
analyzed. Wemos D1R2 is based on Uno, but adding
built-in Wi-Fi support. This means that the
board behaves like an Uno board with the advantage
of having an embedded Wi-Fi connection.
Regarding devices with OS, vulnerabilities on
Arduino YUN has been analyzed. Currently, this
is the only Arduino device that joins together a
microcontroller and a microprocessor. In this
device, the microprocessor runs the OS.
The third stage of the research was to perform
an analysis of hardware, firmware, and vulnerabilities
on the selected Arduino boards with
and without Operating System:
74
1) The Arduino hardware vulnerabilities presented
are based on literature analysis. The
process of this analysis consists of studying the
following items in devices with and without OS:
i) board analysis; ii) overvoltage/overcurrent
protection analysis; and iii) microcontroller
extraction analysis.
2) For firmware analysis, Arduino IDE 1.0.5 has
been used to install sketches. In this case,
the analysis procedure consist of: i) bootloader
analysis; ii) binary code extraction
analysis; and iii) buffers, stack, and memory
overflow analysis. For these activities, the
HexRays tool is used to convert a binary file
into human-readable code. Additionally, for
the analysis of devices with OS, these other
items have been also analyzed: iv) Bridge
library vulnerabilities analysis; v) Operating
System vulnerabilities analysis; vi) Python
version analysis; and vii) default configurations
analysis.
3) For communication vulnerabilities, analysis
of serial communication and a Denial-of-Service
(DoS) attack has been performed on
boards with and without OS in order to compare
behavior. This attack is performed
against the Arduino MEGA with a WiFly
shield card, Arduino MEGA with an Ethernet
shield, Arduino YUN, MKR 1010, and Arduino
UNO with an Ethernet shield. A test on a
Wemos D1R2 card was also done. In order to
perform these tests, the default example
sketch of a simple web server was uploaded
to non-OS Arduino boards, except for Arduino
MEGA, where the SparkFun Wifly WebServer
was used. In the Arduino YUN
analysis, the HTTP server used was uhttpd.
The selected DoS tools were DoS.Linux.
SSPing.10 script (malware using a DoS
attack), Hulk (a DoS tool used to attack web
servers by generating unique and obfuscated
traffic volumes) and Hping3 (a tool to control
the size, quantity, and fragmentation of packets
in order to overload the target and
bypass or attack firewalls).
RELATED WORK
Some authors, such as Mathew,28 focus on
embedded system hardware cloning attack, what
IEEE Consumer Electronics Magazine
IEEE Consumer Electronics Magazine - May/June 2023

Table of Contents for the Digital Edition of IEEE Consumer Electronics Magazine - May/June 2023
