Modern connected devices need both computing and communication capabilities. For example, smartphones carry a multi-core processor, memory, and several radio transceivers on the same platform. Simpler embedded systems often use a mixed-signal chip that contains both a microcontroller and a transceiver. The physical proximity between digital blocks, which are strong sources of electromagnetic noise, and radio transceivers, which are sensitive to such noise, can cause functional and performance problems. Indeed, there exist many noise coupling paths between components on the same platform or silicon die. In this thesis we explore the security issues that arise from the interaction between digital and radio blocks, and we propose two novel attacks.
With Screaming Channels, we demonstrate that radio transmitters on mixed-signal chips might broadcast some information about the digital activity of the device, making side channel attacks possible from a large distance. With Noise-SDR, we show that attackers can shape arbitrary radio signals from the electromagnetic noise triggered by software execution, to interact with radio receivers, possibly on the same platform.