Back to Search Start Over

The System That Cried Wolf: Sensor Security Analysis of Wide-area Smoke Detectors for Critical Infrastructure.

Authors :
HOCHEOL SHIN
JUHWAN NOH
DOHYUN KIM
YONGDAE KIM
Source :
ACM Transactions on Privacy & Security; Jul2020, Vol. 23 Issue 3, p1-32, 32p
Publication Year :
2020

Abstract

Fire alarm and signaling systems are a networked system of fire detectors, fire control units, automated fire extinguishers, and fire notification appliances. Malfunction of these safety-critical cyber-physical systems may lead to chaotic evacuations, property damage, and even loss of human life. Therefore, reliability is one of the most crucial factors for fire detectors. Indeed, even a single report of a fire cannot be ignored, considering the importance of early fire detection and suppression. In this article, we showthat wide-area smoke detectors, which are globally installed in critical infrastructures such as airports, sports facilities, and auditoriums, have significant vulnerabilities in terms of reliability; one can remotely and stealthily induce false fire alarms and suppress real fire alarms with a minimal attacker capability using simple equipment. The practicality and generalizability of these vulnerabilities has been assessed based on the demonstration of two types of sensor attacks on two commercial off-the-shelf optical beam smoke detectors from different manufacturers. Further, the practical considerations of building stealthy attack equipment has been analyzed, and an extensive survey of almost all optical beam smoke detectors on the market has been conducted. In addition, we show that the current standards of the fire alarm network connecting the detector and a control unit exacerbate the problem, making it impossible or very difficult to mitigate the threats we found. Finally, we discuss hardware- and software-based possible countermeasures for both wide-area smoke detectors and the fire alarm network; the effectiveness of one of the countermeasures is experimentally evaluated. [ABSTRACT FROM AUTHOR]

Details

Language :
English
ISSN :
24712566
Volume :
23
Issue :
3
Database :
Complementary Index
Journal :
ACM Transactions on Privacy & Security
Publication Type :
Academic Journal
Accession number :
148090228
Full Text :
https://doi.org/10.1145/3393926