POET: Power Oracle for Embedded Testing - Detection of State Changes in Automotive Embedded Systems

Abstract

Modern automotive systems face increasing cybersecurity threats as vehicle connectivity and technical complexity expand, creating attack surfaces that traditional security controls cannot comprehensively monitor. Current security testing approaches evaluate input/output behaviour to detect vulnerabilities, but these methods cannot directly observe internal system state changes. A vulnerability might produce correct output responses while successfully modifying internal system state, remaining undetected by input/output verification alone.

This thesis investigates power consumption analysis as a non-invasive mechanism that complements conventional security testing by detecting internal state changes. The Power Oracle for Embedded Testing (POET) framework detects unauthorized system modifications through side-channel power measurements, providing visibility into internal state changes that conventional input/output testing cannot observe. The framework was evaluated using an Automotive Grade Linux target platform across twenty-two test scenarios spanning CPU subsystems, communication interfaces, system services, and hardware peripherals.

The experimental results demonstrate that power-based analysis successfully detects hardware state changes affecting system power consumption. The framework achieved 99.9% detection accuracy for hardware-level modifications including CPU frequency scaling, network interface state changes, computational load variations, and peripheral activation, with only 0.4% false positives. These capabilities enable detection of unauthorized system reconfigurations that would remain invisible to conventional security testing approaches, including DVFS manipulation attacks, unauthorized interface activation, and covert computational activity.

The framework exhibits clear limitations for detecting changes that produce minimal power signatures. Software-level modifications such as process scheduling policies and low-power component state changes fall below detection thresholds, indicating that power-based analysis complements rather than replaces existing security testing methods. The evaluation identified optimal measurement parameters and comparison algorithms necessary for reliable detection in resource-constrained automotive environments.

The POET framework establishes a foundation for incorporating side-channel analysis into automotive security testing. By detecting hardware state modifications through power consumption monitoring, the framework addresses detection gaps in current testing approaches and increases security assessment coverage. This work demonstrates the feasibility of power-based testing for automotive embedded systems and identifies the practical boundaries of detection capabilities, providing guidance for deploying complementary security testing mechanisms in safety-critical automotive applications.