As a good cybersecurity researcher does, Mark Carney of the Santander Group Cyber Security Research Team sees security exploits in places most people would not even consider that a vulnerability could be lurking. Case in point, his recent project, CurrentSense-TinyML, seeks to understand microcontroller behavior using only data about the current that the device is drawing.
The setup consists of an Arduino Nano, which stands in for an unknown device that we want to understand. An Arduino Nano 33 Sense runs a TensorFlow Lite ML model and snoops on the previously mentioned Nano. An INA219 current sensor monitors the current draw of the target device, which is collected by the snooping microcontroller.
The target Arduino is programmed to blink its onboard LED on and off. Carney's goal was to determine if he could recognize when the LED was on or off by feeding current draw information into a machine learning model.
The model was trained with data collected from the current sensor that was paired with the state of the LED on the target device. So, when it was all hooked up, did it work, you ask? Yes, and when you take a look at the current draw graph below, you will probably recognize right away that it would obviously work.
Machine learning classifiers are pattern detectors, and this pattern stands out like a sore thumb. In fact, you are probably thinking that machine learning is overkill for this task, and you could simply consider a current draw above a certain threshold to mean “LED on” and everything else to mean “LED off.” And you would be absolutely correct — that would work and be a much simpler solution, which Carney admits in his write-up.
However, this is meant as a proof of concept to show that current draw may be able to be used to understand the function of a microcontroller in less trivial situations. While that may be the case, this proof of concept is very highly constrained and it is not clear how it would map to understanding a non-trivial application. Current draw is going to be a very low resolution, non-specific, window into the inner workings of a microcontroller that is doing more complex things. Moreover, the model was a simple two class classifier in which the possible classes were known upfront. This work does not make it clear how this would be adapted to interpreting more complex functionality, especially when the function of the target device is not known a priori.
This is a very interesting idea, and kudos to Carney for taking some early steps towards a very formidable goal. Perhaps this work will inspire others to help move the idea from proof of concept to practical in the future.