Application-aware Energy Attack Mitigation in the Battery-less Internet of Things

TL;DR

This paper presents a mitigation system for energy attacks on battery-less IoT devices, enhancing application continuity, task schedulability, and peripheral availability by tuning energy management based on attack detection.

Contribution

It introduces a novel energy attack mitigation approach tailored for battery-less IoT devices, optimizing energy management to maintain application execution during attacks.

Findings

Increased application cycles by 23.3% under attack.

Improved task schedulability by at least 21%.

Achieved 34% higher peripheral availability.

Abstract

We study how to mitigate the effects of energy attacks in the batteryless Internet of Things (IoT). Battery-less IoT devices live and die with ambient energy, as they use energy harvesting to power their operation. They are employed in a multitude of applications, including safety-critical ones such as biomedical implants. Due to scarce energy intakes and limited energy buffers, their executions become intermittent, alternating periods of active operation with periods of recharging their energy buffers. Experimental evidence exists that shows how controlling ambient energy allows an attacker to steer a device execution in unintended ways: energy provisioning effectively becomes an attack vector. We design, implement, and evaluate a mitigation system for energy attacks. By taking into account the specific application requirements and the output of an attack detection module, we tune task execution rates and optimize energy management. This ensures continued application execution in the event of an energy attack. When a device is under attack, our solution ensures the execution of 23.3% additional application cycles compared to the baselines we consider and increases task schedulability by at least 21%, while enabling a 34% higher peripheral availability.