Paper 2020/562

The System That Cried Wolf: Sensor Security Analysis of Wide-area Smoke Detectors for Critical Infrastructure

Hocheol Shin, Juhwan Noh, Dohyun Kim, and Yongdae Kim

Abstract

Fire alarm and signaling systems are a networked system of fire detectors, fire control units, automated fire extinguishers, and fire notification appliances. Malfunction of these safety-critical cyber-physical systems may lead to chaotic evacuations, property damages, and even loss of human life. Therefore, reliability is one of the most crucial factors for fire detectors. Indeed, even a single report of a fire cannot be ignored considering the importance of early fire detection and suppression. In this paper, we show that wide-area smoke detectors, which are globally installed in critical infrastructures such as airports, sports facilities, and auditoriums, have significant vulnerabilities in terms of reliability; one can remotely and stealthily induce false fire alarms and suppress real fire alarms with a minimal attacker capability using simple equipment. The practicality and generalizability of these vulnerabilities has been assessed based on the demonstration of two types of sensor attacks on two commercial-off-the-shelf optical beam smoke detectors from different manufacturers. Further, the practical considerations of building stealthy attack equipment has been analyzed, and an extensive survey of almost all optical beam smoke detectors on the market has been conducted. In addition, we show that the current standards of the fire alarm network connecting the detector and a control unit exacerbate the problem, making it impossible or very difficult to mitigate the threats we found. Finally, we discuss hardware and software-based possible countermeasures for both wide-area smoke detectors and the fire alarm network; the effectiveness of one of the countermeasures is experimentally evaluated.

Note: This preprint is the same as the one (to be) published in ACM Transactions on Privacy and Security (TOPS). N.B. this is a part of author rights provided by ACM and does not violate the ACM copyright. Nonetheless, the authors hereby clearly state there is no intention to violate any of the ACM copyrights, terms, and conditions. Once officially published, the corresponding Digital Object Identifier (DOI) will be placed alongside this preprint or the webpage on which this document is posted. For further information on ACM author rights, please refer to https://authors.acm.org/author-services/author-rights.