HARDWARE SECURITY DEEP DIVE

How Electromagnetic Interference Stops, Crashes, and Compromises Integrated Circuits

A Technical Analysis of Frequency Injection Attacks, Chip-Backside Vulnerabilities, Timing Jitter Models, and Real-World Exploitation


Research Sources:

IEEE Transactions on Electromagnetic Compatibility | CHES 2009 (Springer LNCS) | Kobe University (2024) | NDSS 2023 | ACM CCS 2024

Executive Summary

This article synthesizes findings from three landmark research papers, two patents, and documented attack demonstrations to explain how Intentional Electromagnetic Interference (IEMI), also called a frequency injection attack, can disable, crash, or compromise integrated circuits without a single wire being touched. We move beyond surface-level explanations to examine the physical mechanisms: how PCB traces act as antennas, how an injected tone locks a chip's internal oscillators, how high-voltage pulses flip individual bits inside a silicon substrate, and how a simple mathematical model predicts, to within a few nanoseconds, when a digital circuit will make a timing error. We close with an analysis of attacks on EV charging infrastructure, vehicle cameras, and automotive computers, and a three-layer defense framework grounded in current industry standards.

1. The Physics of Unintended Antennas

Every printed circuit board is, unintentionally, an antenna farm. The copper traces etched into the board, the highways that carry clock signals, data, and power, have a dual nature. During normal operation they are conductors. When an external electromagnetic field sweeps across the board they become receivers. The physics is straightforward: a time-varying magnetic field induces a voltage in any conducting loop, a principle established by Faraday in 1831, and a trace running above a ground plane forms exactly such a loop. On a modern PCB even a trace two centimeters long and a fraction of a millimeter wide develops a measurable induced voltage when the external field oscillates at a frequency whose wavelength is commensurate with the trace length; a 2 cm conductor is a quarter-wave element near 3.7 GHz in free space, and lower once the board dielectric is accounted for.

The critical insight, the one that separates a nuisance from a weapon, is that not all frequencies are equally dangerous. A 60 Hz power-line hum couples weakly into a 3 GHz digital system. A signal at or near the system clock frequency, or at a harmonic or sub-harmonic of it, couples with far greater efficiency: the traces are no longer passively picking up broadband noise but behaving like a tuned antenna that resonates with the injected signal. This is the foundational principle behind every IEMI attack discussed in this article.

1.1 Coupling Pathways: Radiated vs. Conducted

Interference enters a circuit through two channels. Radiated coupling occurs when an EM wave travels through free space and impinges on the board or its enclosure. Conducted coupling occurs when the interference travels along a shared wire (a power cable, a ground bus, or an I/O line) that connects to an external system. Both pathways ultimately convert field energy into a voltage on an internal signal line, but they have different characteristics. Radiated coupling is distance-dependent: in the far field the received power density falls with the square of the range. Conducted coupling, by contrast, can travel meters along a cable with little loss, which makes power-supply lines and long communication buses particularly exposed. The two often chain together: a long cable picks up a radiated signal and then conducts it into every device attached to it.

Real-World Case: Brokenwire

The Brokenwire attack on EV charging infrastructure, presented at NDSS 2023 by Köhler, Baker, Strohmeier, and Martinovic, is a textbook example of that chain. The attacker's signal is radiated from a distance; the CCS charging cable, unshielded and several meters long, acts as an efficient receiving antenna; and the picked-up signal is conducted along the cable into the power-line-communication modems at both ends. The researchers demonstrated that transmitting at just 10 mW was sufficient to disrupt charging communication from 10 meters away, and that a power budget under 1 watt could halt charging sessions from 47 meters, even through building walls and between floors of a parking structure. The attack worked against eight different vehicles and twenty chargers in real-world deployments.

2. Mechanism I Oscillator Locking and the Death of Entropy

The most elegant IEMI attack does not try to overpower a chip; it seduces it. This mechanism was first rigorously demonstrated by A. Theodore Markettos and Simon W. Moore of the University of Cambridge, published in the proceedings of the Cryptographic Hardware and Embedded Systems conference (CHES 2009, Springer LNCS, vol. 5747, pp. 317–331). Their paper, "The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators," remains a widely cited work in hardware security.

2.1 How Ring Oscillators Generate Randomness

A True Random Number Generator (TRNG) is the bedrock of cryptographic security on any secure microcontroller. Without genuinely unpredictable numbers, keys and nonces become guessable and the entire security model collapses. A common on-chip TRNG design uses ring oscillators: closed loops of an odd number of inverter gates. Because of tiny manufacturing variations and thermal noise, each ring oscillator runs at a slightly different speed, and the phase relationship between two rings drifts unpredictably over time. A TRNG samples this drift, typically clocking one ring's output with the other at a rate slow enough for the accumulated jitter to spread across a full oscillation period, to produce random bits. The security of the design rests entirely on the jitter, the small stochastic timing variations of these oscillators, being genuinely random.

2.2 The Injection Lock: Turning Chaos into Clockwork

Markettos and Moore demonstrated that when an external signal at a frequency close to the natural oscillation frequency of a ring oscillator is injected into the chip's power supply, the oscillator does not simply add noise to its output. It locks. The phenomenon of injection locking, first described by Adler in 1946 for radio oscillators, means the oscillator's output synchronizes to the injected signal: its frequency is pulled onto the injected tone and its phase is held at a fixed offset from it. The jitter that the TRNG depends on is suppressed instead of accumulating, and once both rings are held by the same reference their phase relationship stops drifting. The sampled output is no longer random; it is periodic and therefore predictable.

The consequences were devastating in their demonstration. By locking the oscillators, the researchers reduced the effective keyspace of a secure microcontroller from 2^64 (about 1.8 × 10^19) down to just 3,300 possible values. They then successfully attacked a 2004 EMV "Chip and PIN" payment card, demonstrating that a random number that should have required up to 2^32 guesses could be recovered in only 13 attempts.
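To make the locking argument concrete, here is an added toy simulation, written for this article and not code from Markettos and Moore, of a ring oscillator reduced to its phase relative to an injected tone and stepped by the discrete form of Adler's equation. With the injection strength at zero the phase random-walks between samples and the TRNG's output bytes are diverse; with injection stronger than the frequency offset the phase settles at a fixed point and every sampled byte is identical. The constants delta, sigma, k_inj and m_cycles, the Q of about 1 assumed for a ring oscillator, and the 1% injection ratio are illustrative assumptions, not values from the paper.

```python
"""Toy model of a ring-oscillator TRNG under injection locking.

Added illustration written for this article; it is not code from Markettos &
Moore and reproduces none of their measurements. Assumptions:
  * the sampled ring is reduced to its phase psi relative to the injected
    tone, advanced once per oscillator cycle by the discrete Adler map
        psi[i+1] = psi[i] + delta + eta[i] - k * sin(psi[i])
    with delta the frequency offset (rad/cycle), eta Gaussian period jitter
    and k the injection strength (k = 0 means no injected signal);
  * the TRNG samples the ring's square wave every m_cycles cycles (bit = 1
    when the wrapped phase is in the first half-period);
  * delta, sigma, k and m_cycles are illustrative constants, not silicon data.
"""
import math
import random
from collections import Counter


def simulate_trng(n_bytes, k_inj, delta=0.5, sigma=0.15, m_cycles=250, seed=1):
    """Return n_bytes of output from the toy TRNG (8 samples per byte)."""
    rng = random.Random(seed)
    psi = 0.0
    out = bytearray()
    for _ in range(n_bytes):
        byte = 0
        for _ in range(8):
            for _ in range(m_cycles):
                # free-running: delta plus jitter accumulates as a random walk;
                # injected: the -k*sin term pulls psi back to a fixed point
                psi += delta + rng.gauss(0.0, sigma) - k_inj * math.sin(psi)
            bit = 1 if (psi % (2 * math.pi)) < math.pi else 0
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def distinct_outputs(data):
    """Number of distinct byte values seen: the toy analogue of the keyspace
    Markettos & Moore measured (2^64 free-running versus 3,300 locked)."""
    return len(set(data))


def entropy_bits_per_byte(data):
    """Shannon entropy of the byte histogram (an upper bound on min-entropy)."""
    counts = Counter(data)
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def lock_range_hz(f_osc, q_factor, inj_ratio):
    """Adler's one-sided lock range: a tone within this many hertz of f_osc
    captures the oscillator. inj_ratio = V_inj / V_osc. Ring oscillators have
    Q near 1 (assumed here), so even a weak tone has a wide lock range."""
    return f_osc / (2.0 * q_factor) * inj_ratio


def is_locked(delta, k_inj):
    """The discrete Adler map has a stable fixed point only when |delta| < k."""
    return abs(delta) < k_inj


if __name__ == "__main__":
    free = simulate_trng(256, k_inj=0.0)
    locked = simulate_trng(256, k_inj=0.7)
    for name, data in (("free-running", free), ("injection-locked", locked)):
        print(f"{name:17s} distinct bytes={distinct_outputs(data):3d} "
              f"entropy={entropy_bits_per_byte(data):.2f} bits/byte")
    print("lock range for 1% injection into a Q=1 ring at 100 MHz:",
          f"{lock_range_hz(100e6, 1.0, 0.01) / 1e3:.0f} kHz")
```

The locked run collapses to a single byte value because the fixed point sits well inside one half-period and the jitter is reabsorbed every cycle; the free run needs only the accumulated jitter between samples to exceed a period for its bytes to look uniform.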

Research Highlight Markettos & Moore (CHES 2009)

  • Attack vector: External signal injected via the power supply rail into the chip's internal oscillator network.
  • Effect: Collapse of entropy in ring-oscillator-based TRNGs via injection locking.
  • Result: Keyspace of a secure microcontroller reduced from 2^64 to 3,300. EMV card random number recovered in 13 guesses instead of up to 2^32.
  • Three independent implementations of the attack were described, along with optimization techniques.

3. Mechanism II Bit-Flipping Through the Silicon Backside

While oscillator locking exploits a subtle property of analog circuitry, the attack described in a 2024 paper from Kobe University is more brute-force in nature but no less precise. Published in the IEEE Transactions on Electromagnetic Compatibility under the lead authorship of researchers at Kobe University's Graduate School of Science, Technology and Innovation (with Prof. Makoto Nagata as corresponding author), the paper "Chip-Backside Vulnerability to Intentional Electromagnetic Interference in Integrated Circuits" describes how high-voltage pulses delivered to the exposed backside of a flip-chip IC can cause individual bits to change state inside the chip.

3.1 Why Flip-Chip Packaging Is an Attack Surface

Modern high-performance chips are packaged in flip-chip assemblies, where the die is mounted upside down onto the substrate, with the active circuits facing down and bonded via tiny copper pillars or solder bumps. The backside of the silicon, the substrate itself, is left largely exposed, covered only by a thin heat spreader or a minimal resin layer. This is a deliberate engineering trade-off: it improves heat dissipation and signal routing. But it also means the silicon substrate is physically accessible without decapsulation. An attacker with a needle, a focused EM probe, or a high-voltage pulse generator can reach the substrate directly.

Flip-chip package: Active circuits face down, silicon backside exposed

3.2 The Mechanism: From Pulse to Bit-Flip

The Kobe University team proposed and validated a circuit model explaining the bit-flip mechanism for the first time. When a high-voltage pulse is applied to a localized area of the Si substrate on the chip backside, the injected current does not simply flow into the chip's power distribution network. It also charges the gate capacitance of downstream transistors via the p-n junction diodes formed by the body-drain and body-source connections of N-channel MOSFETs in twin-well CMOS structures. This parasitic charging pathway can flip the state of a bistable circuit element (a flip-flop) from logic 0 to logic 1, or vice versa.

Crucially, the researchers found that the error pattern is not random: it is strongly location-dependent and exhibits asymmetry between bit-set errors (0→1) and bit-reset errors (1→0). The direction of the error depends on the polarity of the pulse and on the physical location of the flip-flop relative to the injection point. Using a three-dimensional RC network model of the IC, they simulated the voltage distribution across the chip and predicted which regions would experience bit-set versus bit-reset errors, with results that matched their silicon experiments closely.

Research Highlight Kobe University (IEEE TEMC, 2024)

  • Attack vector: High-voltage pulse (HVP) injected via needle onto the exposed Si substrate backside of a flip-chip IC. Pulses ranging from +320 V to −120 V were used.
  • Novel contribution: First complete circuit-level model explaining how HVP injection causes bit-flips in CMOS digital circuits via parasitic gate capacitance charging through NMOS body-drain/source junctions.
  • Security implication: Single bits in an AES cryptographic engine were intentionally flipped by aligning HVP timing with the engine's operation, enabling Differential Fault Analysis to extract secret keys.
  • Presented at IEEE FDTC 2024 and COSADE 2024, with simulation validated against silicon experiments.

4. Mechanism III Predicting Failure with the Jitter Model

The first two mechanisms describe attacks that destroy security or flip bits. The third mechanism answers a more fundamental engineering question: at what point does electromagnetic interference cause a digital circuit to make an error? The answer comes from a 2003 paper in the IEEE Transactions on Electromagnetic Compatibility by Martin P. Robinson, Katharina Fischer, Ian D. Flintoft, and Andrew C. Marvin, titled "A Simple Model of EMI-Induced Timing Jitter in Digital Circuits, its Statistical Distribution and its Effect on Circuit Performance."

4.1 The Core Principle: How Noise Becomes a Timing Error

Consider a logic signal traveling from one gate to the next on a PCB. The signal has a rising edge, a transition from low voltage to high voltage, that crosses a logic threshold at a precise moment. If radio-frequency interference (RFI) is superimposed on this signal, the instantaneous value of the RFI shifts the waveform up or down. If the RFI is positive at the moment of switching, the signal crosses the threshold slightly earlier than intended; if negative, slightly later. Over many switching events this produces a distribution of timing variations, jitter, around the nominal delay.

Robinson et al. modeled this effect using only two measurable parameters: the rise time of the logic gate and its switching amplitude. Their simple theory predicts that the timing shift is proportional to the peak threat voltage divided by the switching amplitude, scaled by the rise time (in symbols, Δt ≈ t_r × V_threat / V_swing, because a voltage offset of V_threat moves a ramp of slope V_swing / t_r by that much in time). This gave engineers, for the first time, a tool that did not require knowledge of the internal workings of a black-box IC, only parameters that could be measured from outside.

4.2 The Modified Model: Adding a Low-Pass Filter

The simple model, however, failed to account for two observed phenomena: jitter decreased at higher threat frequencies, and the statistical distribution of timing variations was asymmetric. Robinson and colleagues resolved both discrepancies by introducing a low-pass filter element into the model to represent the finite bandwidth of the logic gate's input. The filter's time constant was set empirically at roughly one-third of the gate's rise time. With this modification the model correctly predicted that faster RFI signals induce less jitter (they are attenuated before they can shift the threshold crossing) and that the distribution of delay times is skewed, both effects confirmed by measurement across the logic families tested.

The model also yielded a practical formula for dynamic immunity, the minimum pulse amplitude required to cause a logic gate to switch, as a function of pulse width. For short pulses a much larger amplitude is needed. This is directly relevant to EMI shielding design: knowing the immunity curve allows an engineer to specify the required attenuation at each frequency.
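The following added simulation is not the authors' code; the 1 V swing, 2 ns rise, half-swing threshold and 0.1 V threat amplitude are assumed values, and the ramp-plus-RC-filter waveform is a stand-in for whatever the paper's gates actually did. It walks the model through numerically: it sweeps the RFI phase, records where the edge crosses threshold, and compares the unfiltered ramp with the low-pass-filtered one. It reproduces the two behaviours described above: the simple model's linear jitter estimate for slow RFI, and the drop in jitter at high RFI frequency once a filter with tau = t_r / 3 is included.

```python
"""Numerical walk-through of the Robinson et al. timing-jitter model.

Added example for this article, not the authors' code; the numbers are
illustrative rather than the paper's measurements. Assumptions: a logic
edge modelled as a linear ramp from 0 to A_SWING over T_RISE with the
threshold at half swing; sinusoidal RFI of amplitude v_rfi added to the
edge; and, for the modified model, a first-order low-pass with
tau = T_RISE / 3 standing in for the gate input's finite bandwidth.
"""
import math

A_SWING = 1.0        # logic swing in volts (assumed)
T_RISE = 2e-9        # ramp duration 0 -> A_SWING in seconds (assumed)
THRESHOLD = A_SWING / 2


def crossing_time(f_rfi, v_rfi, phase, tau, dt=5e-12):
    """First time the edge-plus-RFI waveform (optionally low-pass filtered
    with time constant tau; tau=None disables the filter) crosses THRESHOLD.
    The first crossing is what a gate responds to, even if the RFI drags the
    waveform back below threshold afterwards."""
    omega = 2 * math.pi * f_rfi
    alpha = None if tau is None else 1.0 - math.exp(-dt / tau)
    t, y = -4e-9, 0.0                 # start early so the filter settles
    prev_t, prev_y = t, y
    while t < T_RISE + 4e-9:
        t += dt
        ramp = min(max(A_SWING * t / T_RISE, 0.0), A_SWING)
        x = ramp + v_rfi * math.sin(omega * t + phase)
        y = x if alpha is None else y + (x - y) * alpha
        if prev_y < THRESHOLD <= y:
            # linear interpolation between the two samples around threshold
            return prev_t + (THRESHOLD - prev_y) / (y - prev_y) * (t - prev_t)
        prev_t, prev_y = t, y
    raise RuntimeError("edge never crossed the threshold")


def crossing_deltas(f_rfi, v_rfi, tau, n_phases=72):
    """Timing shifts relative to the RFI-free crossing of the same (filtered)
    edge, sampled over n_phases equally spaced RFI phases."""
    nominal = crossing_time(f_rfi, 0.0, 0.0, tau)
    return [crossing_time(f_rfi, v_rfi, 2 * math.pi * k / n_phases, tau) - nominal
            for k in range(n_phases)]


def peak_to_peak(deltas):
    return max(deltas) - min(deltas)


def skewness(deltas):
    """Third standardized moment; zero for a symmetric distribution."""
    n = len(deltas)
    mean = sum(deltas) / n
    var = sum((d - mean) ** 2 for d in deltas) / n
    if var == 0:
        return 0.0
    return sum((d - mean) ** 3 for d in deltas) / n / var ** 1.5


def simple_model_peak_to_peak(v_rfi):
    """First-order prediction: a threat voltage v shifts a linear edge of
    slope A_SWING/T_RISE by v*T_RISE/A_SWING, so sweeping the RFI phase gives
    a peak-to-peak spread of twice that (the factor 2 is the geometry of
    +/- v, not a figure from the paper)."""
    return 2 * v_rfi * T_RISE / A_SWING


if __name__ == "__main__":
    v = 0.1
    print("simple model prediction: %.3f ns" % (simple_model_peak_to_peak(v) * 1e9))
    for f in (10e6, 200e6, 2e9):
        plain = crossing_deltas(f, v, None)
        lp = crossing_deltas(f, v, T_RISE / 3)
        print("RFI %6.0f MHz  no filter: %.3f ns  low-pass: %.3f ns  skew %.2f"
              % (f / 1e6, peak_to_peak(plain) * 1e9, peak_to_peak(lp) * 1e9,
                 skewness(lp)))
```

For slow RFI the unfiltered sweep lands on the 2·V·t_r/A estimate almost exactly; with the filter in place the 2 GHz case shows several times less jitter than the 10 MHz case, because the filter attenuates the RFI before it reaches the threshold comparison while leaving the slow edge nearly untouched.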

Research Highlight Robinson, Fischer, Flintoft & Marvin (IEEE TEMC, 2003)

  • Model inputs: Rise time, switching amplitude, and RFI waveform characteristics (amplitude, frequency, modulation depth). No internal IC knowledge required.
  • Model outputs: Peak-to-peak jitter, full statistical distribution of timing delays, circuit immunity level, and bit error rate.
  • Validation: Confirmed against measurements across eight logic families (4000B CMOS through 74ACT), with measured immunity levels matching predictions to within the margin of experimental error.
  • Key design conclusion: Circuit immunity depends primarily on the logic threshold, not on the switching speed, so the slowest logic family that meets the timing requirements gives the most margin.

5. Real-World Attacks: From Labs to Roads

The mechanisms described above are not theoretical. They have been demonstrated under realistic conditions against charging infrastructure, vehicle cameras, and automotive computers, in addition to the payment card discussed in Section 2.

5.1 Brokenwire: Halting Electric Vehicle Charging

Presented at NDSS 2023, Brokenwire exploits the Combined Charging System (CCS) used by most DC fast chargers. CCS carries HomePlug Green PHY power-line communication over the charging cable's control pilot wiring to exchange state-of-charge data and negotiate current levels between the EV and the charger. The protocol uses CSMA/CA (carrier sense multiple access with collision avoidance), meaning that both the vehicle and the charger listen before transmitting and defer while the medium is busy. By continuously transmitting a valid HomePlug preamble that couples into the cable, the attacker makes the carrier-sense logic at both endpoints report a perpetually busy medium. Neither will transmit. The charging session times out and aborts. Nothing has to be decrypted or spoofed at the application layer; the attack sits entirely at the medium-access layer.
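A slotted toy model of that carrier-sense starvation, added here and not taken from the Brokenwire paper. It does not use HomePlug Green PHY's actual inter-frame timings (every slot count below is hypothetical); what it shows is the condition the attack depends on: the idle gap between consecutive attacker preambles only has to be shorter than the idle window the protocol requires before transmitting, so a low airtime duty cycle, and therefore a low power budget, is enough.

```python
"""Slotted toy model of the Brokenwire mechanism: a carrier-sense protocol
starved by periodic preambles.

Added example for this article; it is not the Brokenwire authors' code and
does not use HomePlug Green PHY's real timing. Every duration is a
hypothetical slot count chosen to make the mechanism visible.
"""
import random
from typing import NamedTuple, Optional


class Outcome(NamedTuple):
    delivered: int            # frames received intact by the other endpoint
    aborted: bool             # True once no frame got through for `timeout` slots
    abort_slot: Optional[int]


def simulate(n_slots, cifs, frame_len, period, attacker=None,
             timeout=None, backoff_slots=8, seed=1):
    """Two honest stations (EV and charger) each queue a frame every `period`
    slots. CSMA/CA: a station transmits only after sensing `cifs` idle slots
    plus a random backoff. `attacker` = (preamble_len, preamble_period) puts
    carrier on the medium for preamble_len slots out of every preamble_period;
    the honest stations cannot tell it from a real peer and defer to it."""
    rng = random.Random(seed)
    stations = [
        {"offset": 0, "pending": False, "wait": 0, "tx_left": 0, "corrupt": False},
        {"offset": period // 2, "pending": False, "wait": 0, "tx_left": 0, "corrupt": False},
    ]
    idle_run, delivered, last_delivery = 0, 0, 0
    for t in range(n_slots):
        attacker_on = attacker is not None and t % attacker[1] < attacker[0]
        for s in stations:
            if t % period == s["offset"] and not s["pending"] and s["tx_left"] == 0:
                s["pending"] = True
                s["wait"] = cifs + rng.randrange(backoff_slots)
        in_flight = [s for s in stations if s["tx_left"] > 0]
        busy = attacker_on or bool(in_flight)
        # advance frames in flight; overlap with attacker energy or with the
        # other station's frame corrupts the frame, which is then re-queued
        for s in in_flight:
            if attacker_on or len(in_flight) > 1:
                s["corrupt"] = True
            s["tx_left"] -= 1
            if s["tx_left"] == 0:
                if s["corrupt"]:
                    s["pending"] = True
                    s["wait"] = cifs + rng.randrange(backoff_slots)
                else:
                    delivered += 1
                    last_delivery = t
        idle_run = 0 if busy else idle_run + 1
        if not busy:
            # listen-before-talk: start in the next slot once the idle window is met
            for s in stations:
                if s["pending"] and idle_run >= s["wait"]:
                    s["pending"] = False
                    s["tx_left"] = frame_len
                    s["corrupt"] = False
        if timeout is not None and t - last_delivery > timeout:
            return Outcome(delivered, True, t)
    return Outcome(delivered, False, None)


def attack_succeeds(preamble_len, preamble_period, cifs):
    """The analytic condition behind the simulation: if the idle gap between
    preambles is shorter than the protocol's required idle window, no honest
    station ever gets to transmit, whatever its timeouts are set to."""
    return preamble_period - preamble_len < cifs


if __name__ == "__main__":
    common = dict(n_slots=20_000, cifs=10, frame_len=20, period=500, timeout=2_000)
    print("no attacker      :", simulate(**common))
    print("preamble 2 of 8  :", simulate(attacker=(2, 8), **common),
          "duty cycle 25%, predicted", attack_succeeds(2, 8, 10))
    print("preamble 2 of 80 :", simulate(attacker=(2, 80), **common),
          "duty cycle 2.5%, predicted", attack_succeeds(2, 80, 10))
```

With a preamble two slots long every eight slots the honest stations never see the ten idle slots they need and the session times out with zero frames delivered; stretch the preamble period to eighty slots and frames get through again. The model says nothing about coupling efficiency or range, only about the medium-access logic the coupled signal abuses.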

The attack requires only off-the-shelf software-defined radio hardware and a power budget under 1 watt for a range of 47 meters. It works through walls, between building floors, and can target individual vehicles or entire charging hubs simultaneously. The researchers demonstrated the attack against eight vehicles and twenty chargers. For electric ambulances or fleet vehicles, this represents a potential life-safety threat.

5.2 ESIA: Attacking Autonomous Vehicle Cameras

Electromagnetic Signal Injection Attacks (ESIA) target the rolling shutter mechanism in camera sensors used by autonomous driving systems. By injecting electromagnetic signals into the camera's circuit board at frequencies synchronized to the shutter scan rate, an attacker can introduce color bands or distortion into the image being captured. Research published in 2023 and 2024 demonstrated that attack devices as small as a credit card could be deployed near a moving vehicle's camera to induce distortion while the car was in operation. Because autonomous driving AI systems trust the integrity of sensor data, even subtle image corruption can cause misclassification of road signs, lane boundaries, or other vehicles with potentially catastrophic consequences.

5.3 Tesla Autopilot: Fault Injection Against Automotive Chips

In research published at ACM CCS 2024, security researchers conducted fault injection attacks on all three subsystems of Tesla's car computer: the infotainment system, the Autopilot safety controller, and the Autopilot inference processor. Two subsystems were compromised via low-cost voltage glitching; the third through a non-invasive electromagnetic fault injection attack. The researchers extracted firmware, machine learning model weights, sensor data, and cryptographic credentials. Notably, the vulnerable chips were automotive-grade components from AMD, NXP, and ST, so the same attack vectors apply to other vehicle manufacturers using the same hardware.

Critical Insight:

These attacks targeted automotive-grade chips from AMD, NXP, and ST, the same components used across the industry. The vulnerabilities are not Tesla-specific; they are systemic.

6. The Patent Landscape: Defense and Detection

The patent record reveals that both the attack and defense communities have been active. Two patents illustrate opposite sides of the problem.

Patent WO2017201409A1, filed by the University of Michigan, directly addresses the resonant injection problem. The underlying research, the WALNUT project (Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks), showed that MEMS accelerometers could be spoofed by playing acoustic signals at their resonant frequency: with a fixed sampling clock, a tone at or close to an integer multiple of the sample rate aliases to a steady or slowly varying false reading. The patent proposes a defense: sample the sensor output at a frequency equal to or below the known resonant frequency, with each sample time offset by a random delay generated by a true random number generator. Because the sampling phase is randomized, the attack tone is seen at a different phase on every sample and averages toward zero instead of producing a consistent false reading. This is a direct application of the principle that predictable sampling creates predictable vulnerabilities.
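An added numerical illustration of that principle, not the patent's or the WALNUT authors' code: the resonance is idealised as a pure 20 kHz tone riding on the true acceleration, and the 1 kHz sample rate, the amplitudes and the true reading are assumed values. With a fixed sampling clock the tone lands on the same phase every sample and aliases to a constant false offset; delaying each sample by a random fraction of the sample period turns that offset into zero-mean noise around the true reading.

```python
"""Why a fixed sampling clock turns a resonant tone into a steady false
reading, and why a randomised sampling phase (the defense in WO2017201409A1
and the WALNUT paper) averages it out.

Added example for this article; not the patent's or the WALNUT authors'
code. Assumptions: the sensor's mechanical resonance is modelled as a pure
tone of amplitude A_ATTACK at F_RES riding on the true acceleration, the
ADC takes one sample per 1/F_SAMPLE seconds, and every number below is made
up for illustration.
"""
import math
import random

TRUE_ACCEL = 1.0        # m/s^2, what the sensor should report (assumed)
A_ATTACK = 2.0          # m/s^2, amplitude of the resonant response (assumed)
F_RES = 20_000.0        # Hz, sensor resonance driven by the attacker (assumed)
F_SAMPLE = 1_000.0      # Hz, ADC sample rate (assumed)


def sensor_output(t, attack_phase=math.pi / 2):
    """Analog sensor output at time t: true value plus the resonant tone."""
    return TRUE_ACCEL + A_ATTACK * math.sin(2 * math.pi * F_RES * t + attack_phase)


def alias_frequency(f_tone, f_sample):
    """Frequency at which a tone appears after uniform sampling at f_sample.
    A tone on an exact multiple of f_sample aliases to 0 Hz, i.e. a constant;
    a small offset gives a slow waveform the attacker can shape."""
    return abs(f_tone - round(f_tone / f_sample) * f_sample)


def sample_fixed(n):
    """Uniform sampling: every sample lands on the same phase of the tone."""
    return [sensor_output(k / F_SAMPLE) for k in range(n)]


def sample_randomised(n, seed=7):
    """Each sample is delayed by a random fraction of the sample period, so
    the tone is seen at a random phase and its contribution averages out."""
    rng = random.Random(seed)
    return [sensor_output((k + rng.random()) / F_SAMPLE) for k in range(n)]


def mean(values):
    return sum(values) / len(values)


def spread(values):
    """Population standard deviation. Randomised sampling trades the bias for
    this noise, which a downstream low-pass filter still has to absorb."""
    m = mean(values)
    return math.sqrt(sum((v - m) ** 2 for v in values) / len(values))


if __name__ == "__main__":
    n = 2000
    print("alias of %.0f Hz at %.0f Hz sampling: %.1f Hz"
          % (F_RES, F_SAMPLE, alias_frequency(F_RES, F_SAMPLE)))
    fixed, rand = sample_fixed(n), sample_randomised(n)
    print("fixed clock     : mean %.3f  spread %.3f  (true %.1f)"
          % (mean(fixed), spread(fixed), TRUE_ACCEL))
    print("randomised clock: mean %.3f  spread %.3f  (true %.1f)"
          % (mean(rand), spread(rand), TRUE_ACCEL))
```

The fixed clock reports a rock-steady 3.0 m/s^2 for a true 1.0 m/s^2 with no sign anything is wrong; the randomised clock reports about 1.0 on average but with a spread near A_ATTACK/√2, so the defense converts an undetectable bias into visible noise rather than removing the attack energy, and the rest of the signal chain must be able to tolerate or filter that noise.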

The frequency-jittering strategy used in power converters, detailed in patents such as US9203293B2 and related work, applies the same randomization principle in reverse. Instead of randomizing the sampling clock, these designs randomize the switching frequency of the power converter itself. By varying the oscillator frequency pseudo-randomly around a nominal value, the converter's emissions are spread across a wider bandwidth rather than concentrated at a single harmonic. The primary motivation is emissions compliance, but the same spreading makes it harder for an external IEMI signal to sit on one precise frequency and couple efficiently into downstream circuitry.

7. A Three-Layer Defense Framework

Defending against IEMI requires thinking in layers. No single countermeasure is sufficient because the attack surface spans the physical enclosure, the PCB layout, and the circuit logic itself. The following framework, grounded in the research reviewed above and aligned with IEC 61000 electromagnetic immunity standards, provides a structured approach.

Layer 1: Physical Shielding

Faraday cages (enclosures made of conductive material such as aluminum or copper) block external electric fields and radiated electromagnetic waves from reaching the interior; low-frequency magnetic fields pass through a thin conductor and need a high-permeability material such as mu-metal if they matter. For consumer electronics, conductive sprays or shielding gaskets applied to the inside of plastic housings can provide meaningful attenuation, provided the seams and apertures stay much shorter than the wavelengths of concern. The Brokenwire researchers found that shielding the charging cable (replacing the unshielded power cable with a twisted-pair or coaxial alternative) significantly increased the power budget required to execute the attack.

For the chip-backside vulnerability described by Kobe University, packaging solutions including backside buried metal (BBM) layers and 3D chip stacking with shielding tiers have been proposed and validated on silicon.

Layer 2: PCB Layout Discipline

At the board level, the primary defenses are via fences and differential signaling. Via fences are rows of grounded through-hole vias placed along the edges of high-speed signal traces. They create a low-impedance path to ground that intercepts coupling before it reaches the IC.

Differential signaling, transmitting each signal as a pair of complementary wires, causes any common-mode interference (noise that affects both wires equally) to cancel at the receiver. The Brokenwire attack exploits the fact that CCS power-line communication runs over single-ended, unbalanced wiring. Switching to balanced signaling would substantially reduce the attack's effectiveness.

Layer 3: Circuit-Level Resilience

Inside the chip, three classes of countermeasure are relevant. First, error-correcting code (ECC) memory can detect and correct single-bit errors caused by bit-flipping attacks, with the caveat that the clustered, location-dependent multi-bit errors the Kobe model predicts can exceed what a single-error-correcting code handles. Second, watchdog timers, independent hardware circuits that monitor the main processor, can detect when the system has frozen due to clock jitter or oscillator locking and force a hard reset, preventing a denial-of-service condition from persisting.
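As an added example (not from any of the cited papers), the following SEC-DED code shows what ECC can and cannot do against the bit-set errors described in Section 3: a Hamming(12,8) code with an overall parity bit corrects any single bit-set or bit-reset in a byte and detects any double error, but a cluster of three set cells in one word can be silently "corrected" to the wrong value. The 13-bit layout and byte-sized word are choices made here for readability; the same construction scaled up is the Hamming(72,64) SEC-DED used on memory buses.

```python
"""SEC-DED error-correcting code against single bit-set/bit-reset errors.

Added example for this article (not from the cited papers). Codeword layout,
a choice made here: 13 bits, index 0 = overall parity, Hamming parity bits at
positions 1, 2, 4, 8, data bits at 3, 5, 6, 7, 9, 10, 11, 12.
"""

DATA_POSITIONS = (3, 5, 6, 7, 9, 10, 11, 12)
PARITY_POSITIONS = (1, 2, 4, 8)


def encode(byte):
    """Return the 13-bit codeword (list of 0/1) for one data byte."""
    bits = [0] * 13
    for i, pos in enumerate(DATA_POSITIONS):
        bits[pos] = (byte >> i) & 1
    for p in PARITY_POSITIONS:
        # parity bit p covers every position whose binary index has bit p set
        bits[p] = 0
        for pos in range(1, 13):
            if pos != p and pos & p:
                bits[p] ^= bits[pos]
    bits[0] = sum(bits[1:]) & 1   # overall parity makes the whole word even
    return bits


def decode(bits):
    """Return (status, byte). status is 'ok', 'corrected' (single error fixed)
    or 'uncorrectable' (multiple errors detected, data must not be trusted)."""
    bits = list(bits)
    syndrome = 0
    for pos in range(1, 13):
        if bits[pos]:
            syndrome ^= pos            # XOR of set positions = error position
    overall_even = sum(bits) % 2 == 0
    if syndrome == 0 and overall_even:
        status = "ok"
    elif not overall_even and syndrome == 0:
        bits[0] ^= 1                   # the overall parity bit itself flipped
        status = "corrected"
    elif not overall_even and syndrome <= 12:
        bits[syndrome] ^= 1            # one error somewhere in positions 1..12
        status = "corrected"
    else:
        status = "uncorrectable"       # parity even with syndrome set (2 errors)
                                       # or syndrome outside the codeword (3+)
    byte = 0
    for i, pos in enumerate(DATA_POSITIONS):
        byte |= bits[pos] << i
    return status, byte


def bit_set_errors(bits, positions):
    """Model of the HVP bit-set error: the targeted cells are driven to 1.
    Cells already at 1 are unaffected, so the effective error count depends
    on the stored data as well as on the pulse footprint."""
    out = list(bits)
    for pos in positions:
        out[pos] = 1
    return out


if __name__ == "__main__":
    word = encode(0x00)                # all-zero word: worst case for bit-set errors
    for footprint in ((3,), (3, 5), (3, 5, 6), (9, 10, 11, 12)):
        status, value = decode(bit_set_errors(word, footprint))
        silent = status != "uncorrectable" and value != 0x00
        print(f"bit-set at {footprint}: {status:13s} data=0x{value:02X}",
              "SILENT CORRUPTION" if silent else "")
```

The three-cell footprint (3, 5, 6) is the case to remember: its syndrome is zero and its parity odd, so the decoder "repairs" the overall parity bit, reports success, and returns 0x07 instead of 0x00. A location-clustered pulse that sets three neighbouring cells therefore defeats SEC-DED without raising an error, which is why ECC belongs alongside, not instead of, the shielding and detection measures above.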

Third, decoupling capacitors, small capacitors placed as close as possible to the IC's power pins, act as local energy reservoirs that absorb voltage spikes induced by EMI before they propagate into the chip's internal power rails. For TRNGs specifically, the injection-locking attack documented by Markettos and Moore can be mitigated by using multiple independent entropy sources and by implementing online statistical tests that continuously verify the randomness of the output and stop handing out bits when the source degrades.
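An added implementation, not vendor or NIST code, of the two continuous health tests that NIST SP 800-90B mandates, the Repetition Count Test and the Adaptive Proportion Test, with their cutoffs computed from that document's definitions at alpha = 2^-20 for a source claiming one bit of min-entropy per sample. It runs them over streams constructed here to mimic a healthy source, a ring stuck at a fixed phase, a ring locked at exactly half the sampling rate, and a biased source. The locked-alternating case is the caveat a practitioner should know: it passes both mandated tests, which is why a lag-1 correlation check (a non-standard addition here, with an assumed threshold) and independent entropy sources are worth having.

```python
"""Continuous health tests for a TRNG whose source may have been locked.

Added example for this article, not vendor or NIST code. The Repetition
Count Test (RCT) and Adaptive Proportion Test (APT) follow the definitions in
NIST SP 800-90B section 4.4 with alpha = 2^-20 and a 1024-sample window for a
binary source, assuming the source claims H = 1 bit of min-entropy per
sample. The lag-1 correlation check and its threshold are an addition made
here, not part of 800-90B. All four bit streams are constructed below.
"""
import math
import random


def rct_cutoff(h_bits=1.0, alpha_log2=20):
    """RCT cutoff C = 1 + ceil(alpha_log2 / H): an honest source produces C
    identical samples in a row with probability at most 2^-alpha_log2."""
    return 1 + math.ceil(alpha_log2 / h_bits)


def repetition_count_test(bits, cutoff=None):
    """Return (passed, longest_run). Fails when any run reaches the cutoff."""
    cutoff = cutoff or rct_cutoff()
    longest = run = 1
    for prev, cur in zip(bits, bits[1:]):
        run = run + 1 if cur == prev else 1
        longest = max(longest, run)
    return longest < cutoff, longest


def apt_cutoff(window=1024, alpha_log2=20):
    """Smallest count C such that a fair binary source repeats a window's
    first sample C or more times with probability <= 2^-alpha_log2, computed
    from the exact integer binomial tail (no floating-point underflow)."""
    limit = 1 << (window - alpha_log2)        # 2^-alpha scaled by 2^window
    tail, c = 0, window
    while c > 0 and tail + math.comb(window, c) <= limit:
        tail += math.comb(window, c)
        c -= 1
    return c + 1


def adaptive_proportion_test(bits, window=1024, cutoff=None):
    """Return (passed, worst_count) over consecutive non-overlapping windows;
    each window counts copies of its own first sample."""
    cutoff = cutoff or apt_cutoff(window)
    worst = 0
    for start in range(0, len(bits) - window + 1, window):
        w = bits[start:start + window]
        worst = max(worst, w.count(w[0]))
    return worst < cutoff, worst


def lag1_autocorrelation(bits):
    """Correlation between consecutive bits; near -1 for a 0101... stream
    that both 800-90B tests accept. A threshold of |r| > 0.5 is assumed."""
    n = len(bits)
    m = sum(bits) / n
    var = sum((b - m) ** 2 for b in bits)
    if var == 0:
        return 1.0
    return sum((bits[i] - m) * (bits[i + 1] - m) for i in range(n - 1)) / var


def constructed_streams(n=8192, seed=3):
    """Constructed, not captured: four streams covering the cases discussed."""
    rng = random.Random(seed)
    return {
        "healthy":     [rng.randrange(2) for _ in range(n)],
        "stuck":       [1] * n,                      # ring held at a fixed phase
        "alternating": [i & 1 for i in range(n)],    # locked at half the sample rate
        "biased":      [1 if rng.random() < 0.7 else 0 for _ in range(n)],
    }


if __name__ == "__main__":
    print(f"RCT cutoff {rct_cutoff()} samples, APT cutoff {apt_cutoff()} of 1024")
    for name, bits in constructed_streams().items():
        rct_ok, run = repetition_count_test(bits)
        apt_ok, count = adaptive_proportion_test(bits)
        print(f"{name:12s} RCT {'pass' if rct_ok else 'FAIL'} (run {run:5d})  "
              f"APT {'pass' if apt_ok else 'FAIL'} (count {count:4d})  "
              f"lag-1 r = {lag1_autocorrelation(bits):+.3f}")
```

The stuck stream fails the RCT immediately and the biased stream fails the APT, but the alternating stream sails through both with a run length of one and a proportion of exactly one half; only the lag-1 correlation of almost exactly -1 gives it away. A TRNG that injection-locks into a clean periodic pattern is therefore not caught by the mandated tests alone, and the online checks should include something sensitive to structure, not just to stuck-at and bias.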

8. Attack and Defense Summary

The table below consolidates the attack mechanisms, their frequency targets, underlying research, and the most effective countermeasures.

Attack mechanism | Frequency / signal target | Key research | Primary defense
Oscillator locking | Near the natural frequency of the ring oscillators | Markettos & Moore, CHES 2009 | Multiple entropy sources + online randomness testing
Bit-flipping (HVP) | High-voltage pulse on the Si substrate backside | Kobe University, IEEE TEMC 2024 | ECC memory + backside buried metal (BBM) shielding
Clock jitter / timing error | Amplitude and frequency of RFI vs. gate switching parameters | Robinson et al., IEEE TEMC 2003 | Low-pass filtering + slowest adequate logic family + via fences
Harmonic coupling | Sub-harmonics (1/2, 1/4) of the target clock frequency | General EMC theory; Robinson et al. 2003 | Low-pass filters on all signal lines
PLC disruption (Brokenwire) | HomePlug Green PHY preamble (~17 MHz) | Köhler et al., NDSS 2023 | Shielded/balanced cabling + protocol-level timeout hardening
Camera signal injection (ESIA) | Synchronized to the camera's rolling-shutter rate | Jiang et al. 2023; Zhang et al. 2024 | Image-level anomaly detection + sensor fusion

9. Conclusion

Intentional electromagnetic interference is not a science-fiction threat. It is a documented, reproducible, and in some cases trivially executable attack vector. The research reviewed here spanning from the cryptographic implications of oscillator locking to the circuit-level physics of bit-flipping to the mathematical prediction of timing failures collectively demonstrates that the electromagnetic environment is a security boundary as real as any network firewall or encryption algorithm.

What makes IEMI particularly challenging is its non-invasive nature. Unlike software exploits that can be patched or network attacks that can be firewalled, IEMI attacks operate on the physical layer: the substrate, the traces, the packaging. Defending against them requires a fundamentally different mindset, one that treats the electromagnetic environment as an adversary to be modeled, measured, and hardened against at every stage of the design process.

As IoT devices proliferate in medical equipment, autonomous vehicles, industrial control systems, and critical infrastructure, the attack surface grows. The research cited in this article, and the patents that are already attempting to codify defenses, represent the current frontier. For engineers building systems that must be secure against physical-layer attacks, these are not optional reading. They are the map of the threat landscape.


References

  1. Markettos, A.T. & Moore, S.W. (2009). "The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators." In: Cryptographic Hardware and Embedded Systems CHES 2009. Lecture Notes in Computer Science, vol. 5747, pp. 317–331. Springer. DOI: 10.1007/978-3-642-04138-9_23
  2. Hasegawa, R., Monta, K., Wadatsumi, T., Miki, T., & Nagata, M. (2024). "Chip-Backside Vulnerability to Intentional Electromagnetic Interference in Integrated Circuits." IEEE Transactions on Electromagnetic Compatibility. DOI: 10.1109/TEMC.2024.3440919
  3. Robinson, M.P., Fischer, K., Flintoft, I.D., & Marvin, A.C. (2003). "A Simple Model of EMI-Induced Timing Jitter in Digital Circuits, its Statistical Distribution and its Effect on Circuit Performance." IEEE Transactions on Electromagnetic Compatibility, Vol. 45, No. 3, pp. 513–519. DOI: 10.1109/TEMC.2003.815529
  4. Köhler, S., Baker, R., Strohmeier, M., & Martinovic, I. (2023). "Brokenwire: Wireless Disruption of CCS Electric Vehicle Charging." In: Proceedings of the Network and Distributed System Security Symposium (NDSS 2023).
  5. Trippel, T., Weisse, O., Xu, W., Honeyman, P., & Fu, K. (2017). "WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks." IEEE European Symposium on Security and Privacy.
  6. Tesla Car Computer Security Research (2024). "Three Glitches to Rule One Car: Fault Injection Attacks on a Connected EV." ACM Asia Conference on Computer and Communications Security (ACM CCS 2024).
  7. Nagata, M. (2025). "Chip-Backside Vulnerability to Side Channel Attacks Exploiting Intentional Electromagnetic Interference." Presentation, New England Hardware Security Day (NEHWS), Cambridge, MA.
  8. Patent WO2017201409A1 "Protecting Motion Sensors from Acoustic Injection Attack." University of Michigan System. Filed 2017-05-19.
  9. Patent US9203293B2 "Method of Suppressing Electromagnetic Interference Emission." Related frequency-jittering techniques in power converters.
  10. Jiang et al. (2023). Electromagnetic Signal Injection Attack workflow and error modeling for automotive camera systems. Demonstrated credit-card-sized attack devices.
  11. Zero Day Initiative / Automotive VR Team (2024). "MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI)." Automotive Pwn2Own 2024, Tokyo.