Abstract Solid State Drives (SSDs) have gained significant market share among data storage options in recent years due to increased speed and durability. But when compared to Hard Disk Drives (HDDs), SSDs contain additional complexity which must be managed in firmware. Some manufacturers make firmware updates available, but their proprietary protections leave end users unable to verify the authenticity of the firmware post installation. This means that attackers who are able to get a malicious firmware version installed on a victim SSD are able to operate with impunity, as the owner will have no tools for detection. We use a method for performing side channel analysis of the current drawn by an SSD to compare its behavior while running genuine firmware against its behavior when running modified firmware. We further test this method for robustness against changes in external factors such as temperature and supplied power. In each case, we train a binary classifier with samples of genuine as well as modified firmware activity and are able to discriminate between them with over 90% accuracy in most experiments. Solid State Drives are trusted to store and protect critical data, so verification of SSD firmware is an important step towards having trust and confidence in the growing landscape of embedded devices used for critical operations.

中文翻译：

---

通过电流消耗分析检测固态驱动器上的固件修改

摘要 近年来，由于速度和耐用性的提高，固态驱动器 (SSD) 在数据存储选项中获得了显着的市场份额。但是与硬盘驱动器 (HDD) 相比，SSD 包含必须在固件中管理的额外复杂性。一些制造商提供固件更新，但他们的专有保护让最终用户无法在安装后验证固件的真实性。这意味着能够在受害者 SSD 上安装恶意固件版本的攻击者能够不受惩罚地进行操作，因为所有者将没有检测工具。我们使用一种方法对 SSD 汲取的电流进行旁道分析，以比较其运行正版固件时的行为与运行修改后固件时的行为。我们进一步测试了这种方法对外部因素（如温度和供电功率）变化的稳健性。在每种情况下，我们使用真实和修改后的固件活动样本训练二元分类器，并且在大多数实验中能够以超过 90% 的准确率区分它们。固态驱动器在存储和保护关键数据方面值得信赖，因此对 SSD 固件的验证是朝着对用于关键操作的嵌入式设备不断增长的前景产生信任和信心迈出的重要一步。