The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Caphammer: Exploiting Capacitor Vulnerability of Energy Harvesting Systems

Research Areas: Cyber-Physical Systems

Principal Investigator: Changhee Jung

An energy harvesting system (EHS) has emerged
as an alternative to traditional battery-operated Internet of
Things (IoT) devices. An EHS harnesses ambient energy and
stores it in a small capacitor, enabling batteryless operation
when sufficient energy is available. However, capacitors are
susceptible to malicious charging/discharging and over-voltages,
which can lead to a loss of capacitance. With the capacitor vulnerability in mind, this article introduces a capacitor
hammering attack, simply Caphammer, that can undermine
the security of every EHS. The idea is that Caphammer can
degrade the capacitance by using frequent power outages. Once
Caphammer degrades the capacitor of the victim EHS, it can
suffer from denial of service, data corruption, data encryption
failure, and abnormal termination. To defeat Caphammer, this
article presents FanCap, a capacitor bank scheduling scheme that
can dynamically transform energy storage organization, taking
into account the capacitor vulnerability. The experimental results
demonstrate that FanCap can successfully thwart Caphammer
with a negligible run-time overhead.

Representative Publications

  • Jongouk Choi, Jaeseok Choi, Hyunwoo Joe, and Changhee Jung, "Caphammer: Exploiting Capacitor Vulnerability of Energy Harvesting Systems", International Conference on Embedded Software (EMSOFT) 2024