1. Introduction

Wireless charging, typified by the widespread Qi standard, offers convenience and added safety by eliminating physical connectors. Its market is growing at 25.8% per year (CAGR). However, this paper, "VoltSchemer," shatters the assumed security bubble by exposing critical vulnerabilities. The central finding is that intentional electromagnetic interference (IEMI), injected as voltage noise from a compromised power supply, can propagate through the system and hijack the in-band communication channel between the charger and the device. This gives an attacker full control over commercial off-the-shelf (COTS) wireless chargers without any physical modification, enabling a range of powerful attacks.

2. Background & Prior Work

2.1. Wireless Charging & the Qi Standard

Qi wireless charging uses inductive coupling between transmitter (Tx) and receiver (Rx) coils. Control communication (e.g., power requests, FOD signals) is carried in-band by modulating the power carrier signal, unlike wired charging, which has separate data lines. The Wireless Power Consortium (WPC) enforces safety rules such as Foreign Object Detection (FOD) to prevent heating of metal objects.

2.2. Prior Attacks on Charging Systems

Previous research (e.g., MACTANS, Juice Jacking) focused on wired charging, exploiting USB data lines to install malware or inject keystrokes. Wireless charging was considered safer because it lacks a direct data path. VoltSchemer challenges this fundamental assumption by attacking the power supply and the communication channel itself.

3. Threat Model & Attack Overview

3.1. Adversary Capabilities

The attacker needs control over the AC-DC power adapter that supplies the wireless charger. This could be a malicious public charging station, a smart plug, or a compromised adapter. No modification to the charger or the device is required.

3.2. Core Attack Principle: Voltage Noise Injection

The attacker injects carefully crafted voltage noise ($V_{noise}(t)$) into the DC power line. This noise couples into the charger circuitry through electromagnetic interference (EMI), ultimately modulating the magnetic field generated by the transmitter (Tx) coil. Since Qi communication relies on modulating this same field, the attacker can inject malicious control packets, impersonating either the charger or the device.

  • Attack Success Rate: 9/9 (best-selling COTS chargers vulnerable)
  • Market Growth (CAGR): 25.8% (wireless charging industry)
  • Key Attack Vector: Voltage Noise → EMI → Signal Hijacking

4. VoltSchemer Attack Vectors

4.1. Inaudible Voice Command Injection

By modulating the power signal, the attacker can produce acoustic signals from the charger's internal components (coils, capacitors) at high (ultrasonic) frequencies. These can be demodulated by the smartphone's microphone to execute voice commands on voice assistants (e.g., Siri, Google Assistant) without the user's knowledge.

4.2. Device Damage via Overcharging/Overheating

The attacker can forge Qi communication packets to instruct the charger to deliver more power than the limits negotiated by the device, potentially damaging the battery or the device through overvoltage or thermal stress.

4.3. Foreign Object Detection (FOD) Bypass

This is the most critical attack. The attacker can send forged "all clear" FOD signals to the charger while a metal object (e.g., a key, a coin, or an NFC card) is on the charging pad. The charger, deceived into believing that no foreign object is present, continues operating at full power, inducing dangerous eddy currents that can heat the object to ignition temperatures or demagnetize/melt valuable items.

5. Technical Details & Mathematical Model

5.1. Signal Propagation & EMI Coupling

The injected voltage noise $V_{noise}(t)$ propagates along the DC bus. Non-ideal elements (traces, capacitors) act as antennas, coupling this noise into the charger's sensitive analog and switching circuits. The coupling can be modeled as an unintended transfer function $H_{coupling}(f)$:

$$V_{induced}(f) = H_{coupling}(f) \cdot V_{noise}(f)$$

where $V_{induced}(f)$ is the noise appearing at critical nodes.

5.2. Modulating the Power Signal for In-Band Communication

Qi communication uses Amplitude Shift Keying (ASK). The Rx device modulates its load to create amplitude variations on the Tx coil voltage. The attacker-induced noise $V_{induced}(t)$ can mimic this modulation. To inject a '1' bit, the attacker imposes a specific frequency component to cause a detectable amplitude drop. The required noise profile must conform to the Qi packet structure (preamble, header, message, checksum).

6. Experimental Setup & Results

6.1. Devices Tested & Success Rate

The authors successfully demonstrated all three attacks on 9 out of 9 top-selling COTS Qi chargers from brands such as Belkin, Anker, and Samsung. This 100% success rate shows how widespread the vulnerability is.

6.2. Key Performance Metrics & Observations

Chart description (conceptual): A bar chart would show "Attack Success Rate per Charger Model" at about 100% for all of them. A line plot would chart "Induced Object Temperature vs. Time" during the FOD bypass attack, showing a steep rise to over 280°C for a house key, indicating a fire hazard. Another diagram would depict the signal chain: Malicious Power Supply → Injected $V_{noise}$ → Charger PCB (EMI Coupling) → Tx Coil Modulation → Malicious Magnetic Field → Target Device/Object.

The experiments confirmed the ability to inject valid Qi packets, force a sustained high-power state, and heat foreign objects to dangerous levels within minutes.

7. Analysis Framework & Case Study

Framework for Assessing Wireless Charger Security:

  1. Signal Integrity Analysis: Examine the power input stage for susceptibility to conducted EMI. Measure the Power Supply Rejection Ratio (PSRR) of the charger's critical ICs.
  2. Communication Protocol Fuzzing: Inject malformed and out-of-spec voltage-noise patterns to test the robustness of the Qi protocol parser on the charger's microcontroller.
  3. Side-Channel Monitoring: Monitor unintended side channels (acoustic, thermal, electrical) during normal operation to establish a baseline, then detect anomalies during simulated attack tests.

Case Study - Public Charging Kiosk: An attacker replaces the power adapter in an airport charging station with a malicious one. When a user places their phone on the pad, the adapter runs the FOD bypass attack while a metal paper clip (planted by the attacker) is also on the pad. The phone charges normally, but the paper clip heats up, potentially damaging the phone's case or causing injury. At the same time, inaudible commands could be sent to open a malicious website.
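
One way to carry out step 3 on the thermal side channel, as an added example that is not from the paper or the original page: learn the pad's normal heating rate from known-good sessions, then flag a run whose slope stays far above it, independently of what the Qi packets claim. The thermistor readings, sampling interval and thresholds are constructed assumptions.

```python
from statistics import mean, stdev

def slopes(temps_c, dt_s):
    """Rate of temperature change (°C/s) between consecutive samples."""
    return [(b - a) / dt_s for a, b in zip(temps_c, temps_c[1:])]

def fit_baseline(sessions, dt_s):
    """Mean and standard deviation of the slope over known-good sessions."""
    pooled = [s for temps in sessions for s in slopes(temps, dt_s)]
    return mean(pooled), stdev(pooled)

def first_alarm(temps_c, dt_s, baseline, z_limit=4.0, run=3):
    """Index of the sample completing `run` consecutive abnormal slopes, else None."""
    mu, sigma = baseline
    sigma = max(sigma, 1e-6)  # guard against a perfectly flat baseline
    streak = 0
    for i, slope in enumerate(slopes(temps_c, dt_s)):
        # A single noisy sample resets nothing useful; require a sustained run.
        streak = streak + 1 if (slope - mu) / sigma > z_limit else 0
        if streak >= run:
            return i + 1
    return None

DT_S = 10  # assumed sampling interval in seconds
# Constructed pad-thermistor readings (°C); not measurements from the paper.
NORMAL_SESSIONS = [
    [25.0, 25.4, 25.9, 26.3, 26.6, 27.0],
    [24.0, 24.5, 24.9, 25.2, 25.7, 26.0],
]
QUIET_RUN = [25.0, 25.5, 25.9, 26.3]
HEATING_RUN = [25.0, 25.4, 25.8, 27.5, 29.6, 32.0, 34.9]

def demo():
    """Return the alarm index for a normal run and for a run that heats abnormally."""
    baseline = fit_baseline(NORMAL_SESSIONS, DT_S)
    return (first_alarm(QUIET_RUN, DT_S, baseline),
            first_alarm(HEATING_RUN, DT_S, baseline))

if __name__ == "__main__":
    print(demo())
```

An alarm raised while the charger's protocol state still reports no foreign object is the contradiction worth logging and acting on, since the sensor reading does not depend on the in-band channel.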

8. Countermeasures & Mitigation Strategies

  • Hardware Level: Implement robust filtering and shielding at the DC power input. Use isolated power conversion modules. Incorporate hardware-based packet authentication for critical commands (e.g., FOD status, power control).
  • Firmware/Protocol Level: Add message authentication codes (MACs) or digital signatures to Qi packets, as the authors suggest. Implement sanity checks (e.g., cross-validating power requests against temperature sensors).
  • User Awareness: Avoid using public, untrusted wireless chargers for valuable devices. Stay alert to unusual heating during charging.
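
The packet structure in section 5.2 and the MAC mitigation above, side by side, as an added example that is not code from the paper or the Qi specification: a checksum needs no secret, so it detects corruption but not forgery, whereas a keyed tag with a counter rejects both unkeyed and replayed packets. The XOR checksum, the 2-byte counter, the 4-byte truncated HMAC-SHA256 tag, the key and the sample header and message bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from functools import reduce

TAG_LEN = 4  # assumed truncated-tag size for a low-rate in-band channel

def xor_checksum(header: int, message: bytes) -> int:
    """Unkeyed checksum: XOR of the header byte and every message byte."""
    return reduce(lambda acc, b: acc ^ b, message, header)

def accept_checksum_only(packet: bytes) -> bool:
    """Accept header | message | checksum if the XOR matches (no secret)."""
    return len(packet) >= 3 and xor_checksum(packet[0], packet[1:-1]) == packet[-1]

def seal(key: bytes, counter: int, header: int, message: bytes) -> bytes:
    """Build header | message | counter (2 bytes) | truncated HMAC-SHA256."""
    body = bytes([header]) + message + struct.pack(">H", counter)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Verifier:
    """Charger-side check: tag must verify and counter must increase."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, packet: bytes) -> bool:
        if len(packet) < 1 + 2 + TAG_LEN:
            return False
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False                      # not produced by the key holder
        counter = struct.unpack(">H", body[-2:])[0]
        if counter <= self.last_counter:
            return False                      # replayed or stale packet
        self.last_counter = counter
        return True

def demo():
    header, message = 0x03, b"\x10"           # constructed sample values
    keyless = bytes([header]) + message + bytes([xor_checksum(header, message)])
    verifier = Verifier(b"constructed-pairing-key")
    genuine = seal(b"constructed-pairing-key", 1, header, message)
    wrong_key = seal(b"some-other-key", 2, header, message)
    return (accept_checksum_only(keyless), verifier.accept(genuine),
            verifier.accept(genuine), verifier.accept(wrong_key))
```

A 4-byte tag and a 16-bit counter trade forgery resistance and session length for bandwidth, so a real design would size them against the channel rate and rekey before the counter wraps.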

9. Future Applications & Research Directions

  • Expanding the Target Scope: Investigate similar voltage-noise attacks on other inductively coupled systems (e.g., RFID readers, wireless charging for electric vehicles).
  • AI-Enhanced Attack Generation: Using reinforcement learning to find optimal noise waveforms for different charger hardware, similar to adversarial attacks in machine learning applied to hardware.
  • Standards Evolution: Pushing the WPC to mandate security enhancements in future Qi specifications, potentially including lightweight cryptographic protocols suited to low-power, real-time control.
  • Security Tooling: Developing automated test frameworks for manufacturers to assess their chargers' resilience to VoltSchemer-style attacks.

10. References

  1. Zhan, Z., Yang, Y., Shan, H., Wang, H., Jin, Y., & Wang, S. (2024). VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger. arXiv preprint arXiv:2402.11423.
  2. Wireless Power Consortium. Qi Wireless Power Transfer System Specification.
  3. Clark, S., et al. (2013). MACTANS: Injecting Malware into iOS Devices via Malicious Chargers. USENIX Security.
  4. Zhang, K., et al. (2021). Learning to Listen: A Neural Network for Inaudible Voice Recognition. IEEE S&P.
  5. NIST. (2020). Guidelines for Managing the Security of Mobile Devices in the Enterprise (SP 800-124 Rev. 2).

11. Expert Analysis & Critical Review

Core Insight

The VoltSchemer paper is not just another hardware hack; it is a paradigm shift. It shows that the foundational trust model of wireless charging, in which security derives from the absence of a data wire, is fundamentally flawed. The real vulnerability lies not in the logic of the Qi protocol but in the physical implementation gap between the clean-room specification and the reality of noisy, EMI-prone consumer electronics. This work fits a broader trend in hardware security, similar to the findings of the seminal CycleGAN paper, which showed how data distributions can be maliciously manipulated; here, it is the integrity of the power signal that is compromised. As noted in the NIST guidelines on mobile device security, the attack surface has extended deep into the supply chain and supporting components.

Logical Flow

The authors' logic is very clean: 1) Qi uses the power signal for communication. 2) The integrity of the power signal depends on a clean supply. 3) The power supply is an external, untrusted input. 4) Therefore, an attacker who controls the supply can control the communication. They bypass decades of layered software security by attacking the analog/physical layer, a vector that is often neglected in favor of digital exploits. The progression from proof of concept (noise injection) to practical attacks (voice, damage, FOD bypass) is systematic and convincing.

Strengths & Flaws

Strengths: The 9/9 success rate is the knockout blow: this is not an edge-case vulnerability. The FOD bypass attack is especially alarming, translating a communication flaw directly into a physical safety hazard (fire). The work is highly practical, requiring only COTS equipment.

Flaws & Open Questions: The paper touches on countermeasures but lacks an in-depth cost-benefit analysis for manufacturers. Is adding cryptography to millisecond-scale power control loops feasible on low-cost MCUs? The threat model assumes control over the power adapter, which, although plausible in public places, raises the bar compared with simple malicious cables. The attack's long-term effectiveness against modern chargers with improved filtering has not been tested.

Actionable Insights

For manufacturers, this is a five-alarm fire. Immediate action is needed: audit power-supply rejection in existing designs and mandate improved input filtering and shielding in new products. Engaging with the WPC to develop security extensions to the Qi standard is non-negotiable.

For enterprise security teams, treat public wireless chargers with the same suspicion as public USB ports. Policies should prohibit their use for corporate devices that handle sensitive data.

For researchers, VoltSchemer opens a new area: the security of power delivery paths. Future work must explore intelligent defense techniques that detect EMI-based hijacking in real time, potentially using the charger circuitry itself as a sensor. The battle for security has decisively moved into the analog domain.