Date of Award


Document Type

Campus Access Thesis


Computer Science and Engineering

First Advisor

Wenyuan Xu


Continued advancement in wireless embedded systems design and hardware integration has introduced us to a world where such devices are an integral part of the modern citizen's life. Due to this proliferation in usage, wireless embedded devices demand a thorough study into their security and privacy risks. This thesis studies embedded systems with a view to analyzing possible risks. Two systems have been considered in particular -- Tire Pressure Monitoring Systems (TPMS) and Automatic Meter Reading (AMR) systems. Both of these are widely used commodity wireless systems which contain information sensitive to user privacy. However, they did not get their due attention perhaps because we do not interact with them directly. Thus, this thesis studies the security and privacy of these systems.

Both TPMS and AMR systems communicate using wireless protocols proprietary to respective manufacturers. In both cases, we perform reverse engineering to discover the proprietary communication protocol before we can analyze them. TPMS is a system mandated in automobiles manufactured after 2007. Pressure sensors, embedded in every tire, wirelessly send out periodic pressure readings to the car computer. We have studied and discovered that the system is vulnerable to eavesdropping and packet spoofing attacks. The second system, AMR, is a wireless data collection system for utility (gas, water, electric) meters. These systems wirelessly transmit periodic meter reading, allowing a mobile receiver without any proximity requirement to collect updates. We show through our experiments that the system is exposed to risks such as eavesdropping, packet spoofing, and user profiling.


© 2012, Ishtiaq Rouf