PreMSat: Preventing Magnetic Saturation Attack on Hall Sensors

. Spooﬁng a passive Hall sensor with fake magnetic ﬁelds can inject false data into the downstream of connected systems. Several works have tried to provide a defense against the intentional spooﬁng to diﬀerent sensors over the last six years. However, they either only work on active sensors or against externally injected unwanted weak signals (e.g., EMIs, acoustics, ultrasound, etc.), which can only spoof sensor output in its linear region. However, they do not work against a strong magnetic spooﬁng attack that can drive the passive Hall sensor output in its saturation region. We name this as the saturation attack. In the saturation region, the output gets ﬂattened, and no information can be retrieved, resulting in a denial-of-service attack on the sensor. Our work begins to ﬁll this gap by providing a defense named PreMSat against the saturation attack on passive Hall sensors. The core idea behind PreMSat is that it can generate an internal magnetic ﬁeld having the same strength but in opposite polarity to external magnetic ﬁelds injected by an attacker. Therefore, the generated internal magnetic ﬁeld by PreMSat can nullify the injected external ﬁeld while preventing: (i) intentional spooﬁng in the sensor’s linear region , and (ii) saturation attack in the saturation region . PreMSat integrates a low-resistance magnetic path to collect the injected external magnetic ﬁelds and utilizes a ﬁnely tuned PID controller to nullify the external ﬁelds in real-time. PreMSat can prevent the magnetic saturation attack having a strength up to ∼ 4200 A-t within a frequency range of 0 Hz–30 kHz with low cost ( ∼ $14), whereas the existing works cannot prevent saturation attacks with any strength. Moreover, it works against saturation attacks originating from any type , such as constant, sinusoidal, and pulsating magnetic ﬁelds. We did over 300 experiments on ten diﬀerent industry-used Hall sensors from four diﬀerent manufacturers to prove the eﬃcacy of PreMSat and found that the correlation coeﬃcient between the signals before the attack and after the attack is greater than 0.94 in every test case. Moreover, we create a prototype of PreMSat and evaluate its performance in a practical system — a grid-tied solar inverter. We ﬁnd that PreMSat can satisfactorily prevent the saturation attack on passive Hall sensors in real-time. We evaluate the eﬃcacy of PreMSat on a real-world practical system a grid-tied inverter and demonstrate that PreMSat prevents the DoS attack on a practical system.


Introduction
A Hall sensor can measure magnetic fields from the surrounding environment and generates a proportional voltage at its output [Ram11]. Hall sensors are pervasive in many safetycritical systems, ranging from industrial controllers to power systems, computers to home automation, and automobiles to aircraft [TCC11,XPHL12,NLHL13,CCCS01,CLH + 09,hal,CWAF17]. Over the last three decades, Hall sensors have been technically improved in terms of stability, accuracy, and linearity [Gil06]; however, to the best of our knowledge, designers still do not consider security as one of the important requirements while designing hall sensors. The vulnerability of Hall sensors has recently been exposed by few works [SMTS13,BAF20]. In these works, the attacker uses an external magnetic field to spoof Hall sensors located in a solar inverter and anti-lock braking system, resulting in a denialof-service (DoS) attack on the connected power grids and automotive systems, respectively.
A Hall sensor has a Hall element [GN86], which outputs a voltage proportional to the sensed magnetic fields to a differential amplifier. The input-output characteristic of a differential amplifier is linear. If the output voltage from the Hall element is small, the differential amplifier typically works in its linear region. However, if the output voltage from the Hall element is large, the differential amplifier cannot work in its linear region and is driven to its saturation region [PP02]. In the saturation region, the input-output characteristic gets flattened; hence, no information can be recovered, causing a DoS attack on the Hall sensor. An attacker can use this knowledge to drive the differential amplifier to its saturation region by using a strong external magnetic field. We name this attack as the saturation attack. Please note that here, sensor saturation does not refer to magnetic saturation [HJBA20]. Moreover, Hall sensors are broadly two types: active and passive. Passive Hall sensors are naive devices; they send signals to the upper level without checking the integrity of the signals that makes them vulnerable to external fake magnetic fields.
Recent works [BAF22, TWX + 17, CSWL14, Ale19, KBC + 13, ZYJ + 17, RSHC18] may prevent spoofing a sensor in its linear region to some extent. However, to the best of our knowledge, no work in literature can prevent a saturation attack on passive Hall sensors. Therefore, we provide a defense for passive Hall sensors against a saturation attack. We name it as PreMSat: Preventing Magnetic Saturation, which can prevent a saturation attack on passive Hall sensors 1 in real-time and also prevent spoofing in the linear region.
The core idea behind PreMSat is that it can generate an internal magnetic field having the same strength but in opposite polarity to the external magnetic field injected by an attacker. As a result, the internal magnetic fields generated by PreMSat can nullify the externally injected magnetic fields with two consequences: (i) it prevents magnetic spoofing in the linear region, and (ii) it prevents the saturation attack. Please note that only a portion of injected magnetic fields may contribute to the saturation attack on Hall sensors. Therefore, PreMSat introduces the following three techniques: (i) PreMSat provides a low-resistance magnetic path, made with ferrite core, to collect the contributing portion of the externally injected fields, (ii) PreMSat provides a secondary sensor, mounted in the ferrite core, to measure the strength and polarity of the contributing external field, and (iii) PreMSat uses a proportional-integral-derivative (PID) controller and a primary coil to generate an internal magnetic field equal to the contributing external field to nullify it. The PID controller is well-tuned so that it takes a settling time of 23 µs to generate the stable internal magnetic field. The low settling time of the PID controller fulfils the real-time requirement of PreMSat. We demonstrate the efficacy of PreMSat on a grid-tied inverter proving its real-time effectiveness against the saturation attack on practical systems. We present a prototype of PreMSat that nullifies external fields with a strength up to ∼ 4200 A-t. It seems that a strong attacker may overcome the defense prototype with a field higher than 4200 A-t. However, the strength of the prototype theoretically can be increased to any higher limit using stronger hardware that may prevent a stronger attacker. Contributions: Our main technical contributions in this paper are listed below: 1. We propose PreMSat that can protect a passive Hall sensor against: (i) spoofing attacks on linear regions and (ii) saturation attacks on saturation regions. It works against any type, such as constant, sinusoidal, and pulsating magnetic fields, in real-time.
2. We create a prototype of PreMSat and show its effectiveness through experiments on ten different Hall sensors from four different manufacturers. We consider different types, namely unipolar, bipolar, open-loop, and closed-loop Hall sensors to prove that PreMSat is a general defense technique against the saturation attack on passive Hall sensors.
3. We evaluate the efficacy of PreMSat on a real-world practical system -a grid-tied inverter and demonstrate that PreMSat prevents the DoS attack on a practical system.

Demonstration:
The demonstration of the proposed defense is shown in the following link: https://sites.google.com/view/preventingmagneticsaturation/home 2 Preliminaries

The physics of the Hall sensor
The physics of a typical Hall sensor is shown in Fig. 1 (left). The Hall sensor [Pau12] has a Hall element, which is a p-type semiconductor [OHN + 08]. Let us denote the thickness of the Hall element by d. A DC voltage bias is applied across the Hall element that causes a bias current, I Bias flowing through the Hall element along the +X axis. Let us assume a magnetic field/flux density, B is present along the +Z axis. The magnetic field, B exerts a Lorentz force, F [Hub09] on electrons and holes of the Hall element that deflects them to either side of the Hall element along the +Y axis [MVM09]. As electrons and holes move sidewards along the +Y axis, a voltage is generated between two sides of the Hall element along the +Y axis. The voltage is known as Hall voltage, V H and is expressed as: where k is the Hall coefficient. Typically I Bias , d and k are held constant; therefore, V H is proportional to the magnetic field density B. In this way, a Hall sensor can sense a magnetic field B and convert it to a useful electrical signal V H .

Hall sensor electronics
Hall sensors have other electronics in addition to a Hall element that is shown in Fig. 1 (middle). The output of the Hall element is given to a signal conditioning block, which has a differential amplifier. A differential amplifier amplifies the output voltage of the Hall element (i.e., V H ) and also removes the common-mode noises from V H . Common-mode noises are unwanted signals that are present at +ve and -ve input leads of the differential amplifier with respect to analog ground. Moreover, a voltage regulator is used to provide a stable bias current I Bias to the Hall element. The stable I Bias keeps the output V H proportional to the input magnetic field B in Eqn. 1. It is clear from this discussion that Hall sensors don't have dedicated hardware to prevent a spoofing attack on them.

Linear and saturation regions of a Hall sensor
The sensed magnetic field B in Eqn. 1 can be either +ve or -ve depending upon its polarity (i.e., north/south pole). Therefore, the differential amplifier's output, denoted as V O in Fig. 1 (middle), can go either +ve or -ve, thus requiring two (i.e., both +ve and -ve) power supplies. To avoid using two power supplies, a fixed bias voltage, V Bias is added to the differential amplifier. Therefore, a +ve/-ve magnetic field B can drive the V O to upper/lower position from the V Bias and V O = V Bias when B is zero. The term V O works in the linear region, and the V O cannot exceed the limit imposed by the power supply. In fact, the V O will begin to flatten before the power supply limits are reached. This flattened region is known as the saturation region, denoted by V Sat , which is illustrated in Fig. 1 (right). Please note that the exact value of input field B cannot be recovered while the differential amplifier's output V O is in the saturation region. Moreover, saturation occurs in the differential amplifier, not in the Hall element. Therefore, a strong spoofing magnetic field can drive the Hall sensor to saturation without damaging the Hall element. A naive approach to prevent a saturation attack is to increase the saturation voltage of a differential amplifier. However, this is not a complete solution because the attacker can still spoof a Hall sensor in its linear region. We discuss the advantages of PreMSat over increasing the saturation voltage of a differential amplifier in Sections 4.3.2 and 5.10. In addition, the detection of the saturation attack can be done by checking the output V O stuck to the +ve/-ve limits; however, this will not help to recover information from the saturation region and cannot prevent spoofing in the linear region of the amplifier.

Active and passive Hall sensor
An active Hall sensor [Wei01a] can measure signals transmitted by the sensor that were reflected, refracted, or scattered by the physical environment. A passive Hall sensor [Wei01b] can only measure natural emissions coming from the physical environment. PyCRA [SMY + 15] works only for active sensors but not for passive Hall sensors. Therefore, we aim to provide a defense against the saturation attack on passive Hall sensors.

Proportional-integral-derivative (PID) controller
A PID controller [Pan12] is a closed-loop control system that generates a feedback signal to minimize an error. It continuously calculates an error, e(t) = r(t)u(t), as the difference between a desired setpoint r(t) and a feedback signal u(t). It continuously updates u(t) to minimize the error e(t) so that u(t) achieves a value closer to desired setpoint r(t). It uses proportional, integral and derivative operations on e(t) following Eqn. 2.
where K p , K i , and K d are proportional, integral, and derivative gain, respectively. The values of K p , K i , and K d should be tuned optimally so that the PID controller remains stable with a minimum overshoot of u(t). Usually, tuning takes place in the s-domain for a continuous-time PID controller or in the z-domain for a discrete-time PID controller. The s-domain is used to solve the continuous-time differential equation, whereas the z-domain is used to solve a discrete-time equation with Z-transformation [FK77].

Saturation attack model and its consequences
The important four components of the saturation attack model are explained below: 1. Assumptions on attackers: The attacker can be a disgruntled employee or a guest, who is not allowed to modify the target Hall sensor like a lunch-time attack [GGK + 16].

Attacker's goals:
The attacker only uses high power magnetic energy from a distance to noninvasively spoof and inject malicious signals into the Hall sensor to drive it to its saturation region. Therefore, the attack can be seen as a noninvasive physical attack.

Attack tool and cost:
The attacker can use an electromagnet [ama] to generate strong fields for a saturation attack. The electromagnet can be controlled with a MOSFET [pow] and an Arduino [ard] using pulse-width modulation (PWM) technique to generate different types, such as constant, sinusoidal, pulsating magnetic fields, with different frequencies.
The total cost of attack tools is < $60, which will not be increased for higher strength or frequency of the magnetic fields. By changing the duty cycle and frequency of the PWM signal, it is possible to increase or decrease the strength or frequency of the magnetic fields at the same cost. Moreover, the attack tools are easily available on Amazon/Digikey. Therefore, the saturation attack is realistic by a strong attacker. 4. Sensor shield: A sensor shield may or may not be present around a Hall sensor. The saturation attack is strong enough to drive the Hall sensor to its saturation region even in the presence of a shield. We compare PreMSat with a shield in Section 5.9 in detail.

Consequences of the saturation attack:
As Hall sensors are critical parts of safetycritical systems (i.e., autonomous vehicles, smart grids, etc.), the consequences of a saturation attack on a target Hall sensor can be catastrophic. A similar incident is found in the literature where an attacker injects fake magnetic fields into Hall current sensors located in a solar inverter and drives the hall sensor to its saturation. As a result, the solar inverter shuts down itself because the saturated Hall sensor cannot provide correct values from the micro-grid, causing a blackout in the micro-grid [BAF20]. Another incident demonstrates a disruptive attack on a Hall sensor located in an anti-lock braking system (ABS) of a vehicle, resulting in a possible brake failure [SMTS13]. An example of a saturation attack other than on a Hall sensor is demonstrated by Shin et al. [SKKK17]

The defense scheme -PreMSat
The core idea behind PreMSat is that it can generate an internal magnetic field having the same strength but in opposite polarity to the externally injected magnetic fields. As a result, the internal magnetic fields can nullify the external magnetic fields. Before designing PreMSat, it is required to discuss few important concepts related to electromagnetism that will be conceptualized in PreMSat.

Contributing direction of the magnetic fields on Hall sensors
The Hall element in the Hall sensor is not sensitive to all directions of a magnetic field. Rather, the Hall element is sensitive to a particular magnetic field direction that actually contributes to the generation of the Hall voltage V H . We bring Proposition 1 below to state the contributing direction of magnetic fields on Hall sensors. Proposition 1: The Hall element located in the Hall sensor is sensitive to only the vertical component of the magnetic fields that is perpendicular to the bias current I Bias . Explanation of Proposition 1: According to Lorentz Force [Hub09], the Hall voltage V H in Eqn. 1 is only sensitive to magnetic fields B, which is perpendicular to bias current I Bias . This phenomena is also illustrated in Fig. 1 (left), where magnetic fields B is in +Z axis and the bias current I Bias is flowing along +X axis. Therefore, the Hall element is only sensitive to the vertical component of magnetic fields that is perpendicular to I Bias . Terminology: Let us denote the external magnetic fields injected by the attacker by B external . If the attacker uses multiple magnetic sources to generate B external , the vector summation of all the vertical components of the B external will contribute to the Hall voltage, V H . Let us denote the magnitude of the summation of all vertical components of B external perpendicular to I Bias by B v external . Fig. 2

Internal magneto-motive force (MMF) generated by PreMSat
The attacker needs a magnetic source (i.e., electromagnet, electromagnetic interference -EMI, etc.) to generate external magnetic fields B external to drive the target Hall sensor to its saturation region. The strength of the magnetic source is quantified by magneto-motive force (MMF) [Hub09]. For defense, PreMSat needs to use an internal magnetic source that can generate the exact MMF to provide an internal field B internal to nullify the B v external . Let us denote the internal MMF generated by PreMSat by M M F internal . Primary coil: PreMSat implements a circular ferrite core [KSG + 99] with a coil winded in spiral direction to generate the MMF internal . As the ferrite core has circular shape, it can also be called by a toroid. The term toroid is used interchangeably with ferrite core in this paper. Let us denote the winding coil, which generates the MMF internal , by the primary coil. The construction of the toroid with the primary coil is shown in Fig. 3. The MMF internal generated by the primary coil is expressed in Eqn. 3.
where N primary is the total number of turns in the primary coil and I primary is the current flowing through the primary coil. The M M F internal generates the internal magnetic field B internal , which can be expressed as follows for a toroid: where µ o is the magnetic permeability of air, µ r is the relative permeability of a ferrite core, and r is the radius of a toroid. The generated B internal should be equal to the B v external but in opposite polarity to nullify the B v external . This will be discussed in the next section.

Primary coil nullifies the B v external
As discussed earlier, the primary coil generates a B internal , which is equal to the B v external but in opposite polarity to nullify the B v external . PreMSat generates the B internal by addressing the following two important questions: Q1. How can PreMSat generate B internal having equal magnitude to the B v external ? Q2. How can PreMSat align the B internal in opposite direction to nullify the B v external ? These two questions are addressed below in Sections 4.3.1, 4.3.2, and 4.3.3.

Generating the B internal having equal magnitude to the B v external
At first, PreMSat needs a methodology to sense the magnitude and direction of the B v external correctly to generate a correct B internal . The steps to accomplish this is explained below.
1. Introducing a secondary sensor: As a Hall sensor under attack is a naive device, it cannot alone differentiate between the natural input magnetic fields and the attacker's provided external magnetic fields B v external . Let us denote the natural input magnetic field by B input that actually needs to be measured by the Hall sensor. To differentiate the B input from the B v external , PreMSat uses a secondary sensor placed in the toroid. Please note that the secondary sensor is used only to sense the external magnetic field B v external . The secondary sensor is placed close to the target Hall sensor so that it can sense the external magnetic fields injected into the target Hall sensor (see Fig. 3 and 4). The secondary sensor can be implemented using either a Hall sensor or a magnetic coil.

The next question is how the secondary sensor actually differentiates the natural input magnetic fields B input from the externally injected magnetic fields B v
external . Let us answer the above question by considering the following two scenarios.
First scenario: When the natural input field B input is internal, the secondary sensor only senses the injected external magnetic field B v external (Fig. 3). This happens for voltage/current Hall sensors, where the natural input magnetic field is generated internally from an internal voltage/current signal inside of the Hall sensor (sensors 1-6 in Table 2). Figure 3: (left) The toroid hosts the target Hall sensor and the secondary sensor and provides a magnetic path to collect the injected B external . Here, the natural input magnetic field B input is internal. (right) The implementation of the toroid.

Binput is internal
Second scenario: When the natural input field B input and the injected external field B v external both are external, there is a chance that the secondary sensor can sense both the natural and injected external fields (sensors 7-10 in Table 2). To prevent this from happening, a shield between the secondary sensor and the source of natural input field is used in PreMSat. This concept is illustrated in Fig. 4. We use a shield having six segments (i.e., i -vi in Fig. 4) made of a ferromagnetic material in such a way that it guides the external natural input field B input not to go to the secondary sensor but only to go to the target Hall sensor. The segment (i) prevents the B input to induce in the circular toroid. The segment (ii) guides the B input to penetrate through the target Hall sensor for being measured. The segment (iii) provides a path to close the loop of the B input . And the segments (iv), (v) and (vi) will be needed if the source of B external is placed at the same side of the source of B input . Because in this scenario, the B external may influence the segments (i) and (iii) and may bypass the secondary sensor. To prevent this from happening, the segments (iv), (v), and (vi) are used to guide the B external to go to the circular toroid core without influencing the segments (i), (iii) and the B input . Please note that the construction of the shield may vary for different requirements and locations of the B input depending on its different use-cases. It is possible that more or fewer segments may be needed other than the above six segments. For example, the segment (vi) can be safely omitted if the attacker cannot access this side to place the source of B external . The sizes of the shield's segments are not large compared to the toroid. Therefore, the structure shown in Fig. 4 (right) will work in most applications, such as proximity sensing, and throttle angle sensing. However, few applications where moving parts are involved, such as brushless motors, may find it difficult to install the segments.
As the direction of the natural field B input is known to the designer, he can always design a shield to prevent the natural field from going into the secondary sensor. Moreover, as the strength of the natural field is known to the designer, he can use a shield with proper ferromagnetic material to ensure that the natural field cannot penetrate the shield.
A further question may arise if the attacker can bypass the shield. Please note that the use of the shield is not to prevent attackers from influencing the target Hall sensor. However, the use of the shield is to prevent the input magnetic fields (B input ) from going into the secondary sensor. Therefore, bypassing the shield with the B external by an attacker will not impact the defense because the secondary sensor and target Hall sensor can still sense the injected B external . Moreover, if a strong injected B external penetrates the shield, that would not be a problem. Because in that case, the secondary sensor will still sense the injected B external by the attacker and won't sense the natural input field B input .
2. Sensing B v external from the B external : PreMSat uses a magnetic path to collect the vertical components B v external from the B external . The circular ferrite core in PreMSat provides that magnetic path. We bring Proposition 2 below to explain this concept.
Proposition 2 : As the ferrite core in PreMSat has very low magnetic resistance compared to the air, practically speaking, most of the magnetic fields from B external will get concentrated along the cross-section of the ferrite core [Her91,Con19,Shi14].
Explanation of Proposition 2 : The way how the circular ferrite core provides a magnetic path to collect the vertical components B v external is shown in Fig. 3 and 4. When single/multiple sources of B external are present near the target Hall sensor, the B external needs to overcome the air gap present between the target Hall sensor and the source of B external . As air has a very low magnetic permeability (e.g., 4π10 −7 Wb/A-t.m), the air gap present between the target Hall sensor and the B external works as a magnetic path having very high resistance. Therefore, the magnetic field lines coming from the B external change their normal path and try to find a new path having a low magnetic resistance. The circular ferrite core provides the very low resistive magnetic path to the B external . In numbers, the relative magnetic permeability of ferrites can vary between 1150 to 25000 [fera]. In other words, the magnetic resistance of the ferrite core is 1150 -25000 times less than air. As the ferrite core has very low magnetic resistance compared to air, practically speaking, most of the external magnetic fields from the B external get concentrated along the cross-section of the ferrite core, hence influencing the field pattern of the B external .
Vertical projection of B external onto the Hall sensor: As the B external is concentrated along the cross-section of the ferrite core, if we could place the target Hall sensor in the cross-section of the ferrite core, the B external will be projected onto the target Hall sensor vertically. The reason behind this is that as the ferrite core has a circular shape, the concentrated fields B external along the circular core will be vertical to any plane placed in the cross-section of the circular core. The idea is illustrated in Fig. 3 and 4. A small gap is created to place the target Hall sensor in the cross-section of the ferrite core. Therefore, the concentrated B external will act as the B v external to the target Hall sensor as the target Hall sensor is placed in the cross-section of the circular ferrite core.
The secondary sensor is also placed together with the target Hall sensor in the gap of the circular ferrite core. This is illustrated in Fig. 3 and 4. As the secondary sensor is placed together with the target Hall sensor, the same B v external passes through the secondary sensor. Therefore, the secondary sensor sees the same amount of B v external , similar to the target Hall sensor. In this way, the secondary sensor placed in the ferrite core can sense the B v external injected by the attacker.

Generating a voltage proportional to the B v
external by the secondary sensor: PreMSat uses a Hall sensor as the secondary sensor for simplicity. A magnetic coil could also be used as the secondary sensor. As a Hall sensor is used as a secondary sensor, after sensing the B v external , the secondary sensor generates a Hall voltage following Eqn. 1. Let us denote the generated Hall voltage in the secondary sensor by V secondary .
Types of B v external : We consider a strong attacker who can use constant, sinusoidal, and pulsating fields for a saturation attack because all other patterns can be derived from these three basic fields (i.e., Fourier transformation [BB86]). Therefore, we discuss how V secondary changes for the constant, sinusoidal, and pulsating magnetic fields. This information on V secondary is required to design algorithm 1, which can prevent the saturation attack generating from any type of B v external . Let us define the constant, sinusoidal and pulsating magnetic fields mathematically in Eqn. 5.
sinusoidal field, B amplitude {sgn(sin ωt)}; square pulsating field. (5) where C is a constant, ω is the angular frequency and B amplitude is the magnitude of the injected magnetic field, and sgn is the signum function. If we use B v external from Eqn. 5 in Eqn. 1, we can calculate the V secondary , which is graphically illustrated in Fig. 5.
The V secondary is proportional to the B v external : Eqn. 1 shows that the term V H is proportional to the magnetic fields B present in the +Z direction. Therefore, the secondary sensor also generates the V secondary , which is proportional to the vertical components of the externally injected magnetic fields, previously denoted by B v external . Hence, the V secondary has the shape and frequency equal to B v external that is illustrated in Fig. 5.

Back calculating B v
external from the V secondary : PreMSat needs to back calculate the magnitude of the B v external to use it in a defense algorithm 1 for generating the B internal . It is evident from Eqn. 1 that if I Bias , d, and V H are known, B can be calculated. As the secondary sensor provides the V secondary , it is possible to calculate the B v external from the V secondary using Eqn. 6. The Eqn. 6 is derived by adjusting the terms of Eqn. 1.
where K c is the sensitivity of a Hall sensor that includes all constant terms for simplification. The term K c is provided by the manufacturer of the Hall sensor in its datasheet.
In the next section, we discuss how the different blocks of PreMSat uses the V secondary to generate the internal magnetic fields B internal to nullify the B v external .

Blocks of PreMSat
In this section, we discuss all the blocks and algorithms used in PreMSat (see Fig. 6).
1. Circular ferrite core: PreMSat uses a circular ferrite core to host the primary coil and secondary sensor (see Sections 4.2 and 4.3.1 for details).
2. Differential amplifier: The differential amplifier takes the V secondary as its input and removes the common-mode noises from it (see Section 2.2 for common-mode noise).
The differential amplifier is implemented using an operational amplifier shown in Fig. 6. It has four resistors R1, R2, R3, and R4. When resistors R1 = R2 and R3 = R4, the output of the differential amplifier, denoted by V diff secondary , can be simplified to Eqn. 7.
The ratio R 3 /R 1 in Eqn. 7 is set to 1 in PreMSat. Therefore, the differential amplifier only rejects the common-mode noises from the V secondary with a gain 1.

Analog-to-digital converter (ADC):
The ADC samples the V diff secondary , digitizes it, and provides the digitized value to the algorithm 1 running on a processor. To reduce the power consumption, the ADC is configured at a low sampling frequency (900 kHz) at normal operating conditions (i.e., when no attack happens). But the ADC uses a high sampling frequency when an attack happens (i.e., when there is a presence of B v external ).  Figure 6: The different blocks of PreMSat.

PID controller:
The output V diff secondary from the ADC is given to a PID controller to generate a proper B internal . The algorithm for the PID controller is designed in such a way that the generation of B internal should be fast enough so that it can nullify the  Fig. 7. The variable e(z) represents the error, which is the difference between the desired output B v external and the actual output B internal . Here, the B v external is defined as the desired output because the PID controller should generate the B internal equal to the B v external . The B v external is also known as the reference output. The error signal e(z) is fed to the PID controller, and the controller computes both the derivative and the integral of this error signal.
The control signal u(z) is fed to the primary coil, and the new output B internal is obtained. To obtain a continuous-time signal B internal from a discrete-time signal u(z), a digital-to-analog converter (DAC) is used before the primary coil. The new output B internal is then fed back and compared to the reference B v external to find the new error signal e(z). The controller takes this new error and computes an update of the control signal u(z) again. This process continues until the error e(z) settles to a minimum value. The transfer function of the PID controller in the z-domain is expressed in Eqn. 8. where , and T s is the sampling period of the ADC. Eqn. 8 can be expressed as a difference equation shown in Eqn. 9.
where u(k) and e(k) are discrete-time domain equivalent of z-domain terms u(z) and e(z), respectively. Eqn. 9 is a recursive equation and has a second-order infinite-impulse-response (IIR) filter format. Therefore, the PID controller, used in PreMSat, is a second-order IIR filter that requires less memory space and computational time compared to the finiteimpulse-response (FIR) filters. This supports the idea that PreMSat provides real-time defense against the saturation attack on Hall sensors. Please note that the secondary sensor only measures B v external before generating B internal . When PreMSat generates B internal , the secondary sensor correlates more with the error e(z) than B v external . Therefore, the PID controller minimizes e(z) between B v external and B internal . Once e(z) is close to zero, the secondary sensor starts to measure B v external again. Parameters of the PID controller: As the PID controller is a critical component of the real-time machine of PreMSat, few parameters that control the real-time properties of the PID controller are discussed here. These parameters are rise time, overshoot, settling time, and steady-state error. The values of K p , K i , K d are tuned using MATLAB for a sampling frequency of 900 kHz to result in the lowest rise time, overshoot, settling time, and steady-state error. The values of these parameters are tabulated in Table 1.  Table 1 indicates that the settling time is 23 µs. In other words, it takes 23 µs to generate the B internal equal to the B v external with less than 1% steady-state error. The less than 1% steady-state error is negligible compared to the large values of the B v external required for the saturation attack (see Section 7.3).

Prevents strong or weak multiple signal shapes at the same time:
The PID controller minimizes the error e(z) while generating the B internal equal to the B v external , irrespective of the strength and shapes of the injected B v external . Even when multiple shapes, such as constant, sinusoidal, and pulsating fields, are injected at the same time, the vector summation of these fields will have a vertical component B v external influencing the target Hall sensor (see Section 4.1, Fig. 2 and 5). The PID controller will nullify this B v external in exactly the same way using the B internal .
Moreover, a weak B v external , which can spoof the differential amplifier in its linear region (see Fig. 1), can also be nullified by the B internal . Because a weak injected B v external will also be picked up by the ferrite core, and PreMSat can nullify it using the B internal .
In addition, PreMSat can nullify a injected B v external even if the B v external has the same frequency as the natural input signal B input . Because the generated B internal by PreMSat can nullify the B v external irrespective of its frequency, which is equal to the B input or not. 5. Algorithm: The Algorithm 1, which handles the PID controller and controls the generation process of B internal , is explained below.
Line 1-4 : The ADC is configured initially to a low sampling frequency of 35 kHZ to ensure low power consumption by PreMSat. The ADC samples the V diff secondary and algorithm 1 continuously tracks the V diff secondary to check whether any attack happens. Line 5-8 : As V diff secondary is coming from the secondary sensor, any change of V diff secondary from a reference voltage indicates the presence of the B v external . The ADC changes its sampling frequency (i.e., 1/T s ) to a higher value (i.e., 900 kHz) to provide the optimum a, b, and c in Eqns. 8 and 9. Then the B v external is calculated using Eqn. 6 and the calculated B v external is used to calculate the term e(z). Line 9-18 : The PID controller is implemented using the difference equation from Eqn. 9. The PID controller generates u(k), which is the discrete-time representation of u(z), and converts the term u(k) to an equivalent analog signal I primary using a DAC. The I primary is used to generate B internal using Eqns. 3, and 4. The error signal e(z) is calculated and this process repeats until the term e(z) settles within the 1% of the reference B v external . If the e(z) does not settle down to 1% of B v external within a certain time x, there is a possibility that B internal is not strong enough to nullify the B v external . This may cause the V diff secondary to stuck in +ve/-ve saturation voltage. If this happens, PreMSat notifies the authority to fail-safe the system. The value of x is user defined. We use x = 50 µs.
Line 19-20 : If no attack happens, the algorithm does not generate any B internal and keeps the Hall sensor running as it is.

Buffer:
A digital-to-analog converter (DAC) converts the digital signal u(k), which is the output of the PID controller, to an analog signal I primary . As the DAC does not have the capability to provide high values of I primary to the primary coil, a buffer is used after the DAC to support high current to the primary coil (see Section 5.1). The primary coil, next, generates the B internal that is already explained in Section 4.2.
Security of PreMSat itself: An important question may arise what will happen if the attacker attacks the different components of the defense itself, such as the secondary sensor and differential amplifier. As the secondary sensor is placed in the ferrite core, the generated B internal will also nullify the injected B v external to the secondary sensor in the same way it prevents the saturation attack on the target Hall sensor. Therefore, the differential amplifier connected with the secondary sensor will not be saturated.

Generating the B internal in opposite direction to the B v external
As the B v external is concentrated along the cross-section of the toroid, the B internal should also be provided along the same cross-section but in the opposite direction to nullify the B v external . To provide the B internal in opposite polarity, the primary coil is connected in reverse polarity with the buffer chip. Therefore, the PID controller does not need to spend any extra time to make the polarity of the B internal reverse to nullify the B v external .

A prototype
A prototype of the proposed PreMSat is implemented using different discrete components, which is shown in Fig. 8 (left). A Hall sensor (part #ACS718) is used as the secondary sensor. The differential amplifier uses a low-power op-amp (i.e., part # TL084CN) with a high slew rate, low input bias and offset currents with a rise time of 0.05 µs and a unity-gain bandwidth of 3 MHz. The buffer uses an op-amp (part # TL084CN) in voltage-follower configuration with a high-power transistor Q1 (part # TO-220 [TO2]) connected at opamp's output (see Fig. 6). The CPU of PreMSat is an EFM-32 Giant Gecko development board from Silicon Labs [EFM] having a Cortex M-3 based 32-bit CPU with built-in ADCs and DACs. The EFM-32 has an ultra-low-power CPU with a 48 MHz clock. A low-cost soft ferrite, such as Mn-Zn ferrite is used as the material of the circular toroidal core [ferb].
Mn-Zn ferrite [OWL03] has a high relative permeability (∼25000), and can support high frequency and low eddy current loss. Therefore, Mn-Zn ferrite can provide a low-resistive magnetic path to collect the externally injected field B external for PreMSat.

Testbed
We test ten different Hall sensors (Table 2 (a)) of all types, such as open/close loop, bipolar/unipolar sensors from four different manufacturers. As different Hall sensors measure different types of input signals, we use different sources to supply input signals to these different Hall sensors. We use a variable AC and DC source to supply current/voltage as original input signals to Hall sensors with serial no. 1-6 and use a magnet [Lit] to supply magnetic fields as input signals to Hall sensors with serial no. 7-10 in Table  2. The external fields B external are generated in two ways: an electromagnet (uxcell [ama]) with a MOSFET (part #STP4NK80Z [pow]) connected with an Arduino is used to generate constant, sinusoidal, and pulsating fields, and a function generator connected with a monopole antenna [mon] is used to radiate high and low frequency electromagnetic interference (EMI) signals to attack Hall sensors. The testbed is shown in Fig. 8 (right).

PreMSat prevents the saturation attack
Here, we justify how PreMSat prevents the saturation attack on Hall sensors. We randomly pick ACS710KLATR-10BB from Table 2 as the target Hall sensor. A 7.5 A peak-to-peak AC current of 60 Hz frequency is given as an input signal to ACS710KLATR-10BB. Before any injection of external magnetic fields, the output of the target Hall sensor is shown in Fig. 9 (i), which shows an undistorted sinusoidal signal. An electromagnet with an MMF of ∼ 3600 A-t is used to inject different types of external magnetic fields B external , such as constant, sinusoidal, and square pulsating fields, to the target Hall sensor from 1 cm. We use 2 Hz as the frequency of injected sinusoidal and square pulsating fields as an example. Fig. 9 (ii) shows that the output of the target Hall sensor is driven to its saturation voltage (4.8 V) after the saturation attack resulting in a flattened output signal. As the output signal is flattened, any critical information cannot be recovered from the output signal in its saturation region. After integrating PreMSat with the target Hall sensor, the external magnetic fields B external cannot drive the output of the target Hall sensor to its saturation region. We can see from Fig. 9 (iii) that the output of the target Hall sensor remains unperturbed during the saturation attack. Performance metric: If we can prove that the output voltage of the target Hall sensor before the saturation attack is similar to the output voltage of the target Hall sensor after the saturation attack with PreMSat, we can claim that PreMSat is effective to prevent the saturation attack. To quantify the similarity, we calculate the correlation coefficient (C) [KDRB68] between signals in Fig. 9 (i) (i.e., before the saturation attack) and Fig. 9 (iii) (i.e., after the saturation attack with PreMSat). The value of correlation coefficient (C) is 0.97 for this case that is very close to unity. This indicates that the signal in Fig. 9 (i) (i.e., before the saturation attack) is statistically the same as the signal in Fig.  9 (iii) (i.e., after the saturation attack with PreMSat) in a point-by-point fashion. This proves that PreMSat can successfully prevent the saturation attack on a Hall sensor.

Testing PreMSat for different amplitudes of input signals
Table 2 (c) shows the average correlation coefficient C for different amplitude of input signals to ten different Hall sensors for a B external having an MMF of 3000 A-t. We vary the amplitude of the input signals within the entire input range (Table 2 (b)) of Hall sensors and calculate C for every input value and do an average of C for every sensor.
The average of C is greater than 0.94 for every sensor when PreMSat is used (Table 2 (c)) compared to 0.1 when PreMSat is not used. This indicates that PreMSat works within the entire input range of every Hall sensor. We use 60 Hz as the frequency of input signals to Hall sensors with serial 1-6 and 10 Hz to Hall sensors with serial 7-10.

Testing PreMSat for different frequencies of input signals
Section 5.4 shows the performance of PreMSat for different amplitudes of the input signals.
In this section, we vary the frequency of the input signals to different Hall sensors within their entire input range (Table 3 (a)) and calculate the correlation coefficient (C) for every case. We keep the amplitude of input signals fixed at 1 A/100 G/110 V. We find that the average value of C is greater than 0.94 for every sensor when PreMSat is used compared to 0.1 when PreMSat is not used (see Table 3 (b)). This indicates that PreMSat works within the entire input frequency range of every Hall sensor.

Testing PreMSat for different strength of injected B external
At first, we find the strength of the external magnetic fields B external required to drive the Hall sensors to their saturation region (i.e., saturation attack) experimentally in our testbed. It is already mentioned in Section 4.2 that the strength of the magnetic field is quantified by the magneto-motive force (MMF). At first, we vary the MMF of the B external using an electromagnet and find that an MMF > 3600 A-t can cause the saturation attack from 1 cm distance for all of the ten different Hall sensors. If the distance is < 1 cm, an MMF less than 3600 A-t is required for the saturation attack.
To test PreMSat, we vary the MMF from 0 A-t to 4200 A-t (i.e., ∼ 1.2x of 3600 A-t) at frequency zero with a step size of 200 A-t (see Table 3 (c)) and calculate C for every case for ten different Hall sensors. We do a total of ∼200 experiments in our testbed and find that the average value of C is greater than 0.94 for every sensor when PreMSat is used compared to 0.1 when PreMSat is not used (see Table 3 (d)). This proves that the prototype PreMSat can prevent the external magnetic fields B external having an MMF within 0 -4200 A-t. This indicates that PreMSat can prevent a weak MMF that can cause spoofing in the linear region as well as a strong MMF that can cause a saturation attack.

Testing PreMSat for different frequencies of injected B external
In Section 5.6, we vary the MMF of the B external from 0 A-t to 4200 A-t by keeping the frequency of the B external at zero. In this section, we vary the frequency of the B external . As mentioned in Section 5.2, we use an electromagnet and a function generator connected with a mono-pole antenna to radiate high and low frequency B external . We vary the frequency of the B external from 0 Hz to 30 kHz with a step size of 1 kHz (see Table 4 (a)) and calculate C for every case for ten different Hall sensors. We do an average of C for every Hall sensor in our testbed and find that the average value of C is greater than 0.94 for every sensor when PreMSat is used compared to 0.1 when PreMSat is not used (see Table 4 (b)). This proves that the prototype PreMSat can prevent both low and high frequency external magnetic spoofing within a range of 0-30 kHz.

Testing PreMSat for different distances of the magnetic source
In Sections 5.4, 5.5, 5.6, and 5.7, we place the source of B external 1 cm away from the target Hall sensor. In this section, we vary the distance of the magnetic-source (i.e., B external ) from the Hall sensor. We use an MMF of ∼3600 A-t for the B external and keep the frequency and amplitude of the input signals fixed at 60 Hz/10 Hz and 1 A/100 G/110 V, respectively. We vary the distance from 0 cm (very close) to 7 cm with an increment of 1 cm (Table 4 (c)) and calculate the average of C for every Hall sensor. The average value of C is greater than 0.94 for every case when PreMSat is used compared to 0.1 when PreMSat is not used (Table 4 (d)). This proves that PreMSat can prevent the saturation attack from a very close distance.

Comparing PreMSat with a ferromagnetic shield
We compare PreMSat with a ferromagnetic shield to prove PreMSat's effectiveness over a shield. There are specialized materials for magnetic shielding. The foremost of these is MuMetal [mum], which has high magnetic permeability and is used in industry. We use a strong electromagnet as a source of B v external with an MMF of ∼ 3600 A-t. We use a box made of MuMetal as a shield and enclose the target Hall sensors with it. We keep the source of MMF 1 cm away outside of the shield and keep the Hall sensor 1 cm away inside of the shield. We vary the thickness of the shield and measure C for every thickness. We find that even an 1 inch thick shield cannot prevent a strong MMF of 3600 A-t (i.e, low value of C in Table 5 (c)). The reason behind this is that at strong magnetic fields, MuMetal gets saturated [mum]. In saturation, the shielding property of the MuMetal is diminished [CHFP97], and sensors become vulnerable to external magnetic fields. Next, we only use PreMSat without a shield and find that PreMSat can maintain C close to unity (see Table 5 (d)). This proves the efficacy of PreMSat over a shield.

Comparing PreMSat with a high supply voltage
It may appear that increasing the supply voltage, denoted by V Supply , of the differential amplifier located in a Hall sensor (see Fig. 1 and Section 2.3) may prevent the saturation attack because increasing the V Supply will also increase the saturation voltage of a differential amplifier. To verify this claim, we vary the V Supply of 10 Hall sensors within their acceptable ranges (see Table 5 (e)) and measure the maximum MMF, up to which every sensor can tolerate within their supply voltage ranges. We find that increasing the V Supply may increase the maximum MMF up to which Hall sensors can tolerate before going to saturation (see Table 5 (f)). However, the maximum MMF, up to which they can tolerate, is still much smaller compared to PreMSat's capability of preventing an MMF of ∼ 4200 A-t. Please note that the output of DRV5053OA gets saturated at ∼ 2 V irrespective of the V Supply variation within 2.5-38 V (see [date]). Therefore, DRV5053OA's maximum MMF spans within a small range of 1200 -1400 A-t.

Real-time defense against the saturation attack
Broadly speaking, PreMSat spends most of its time executing the following five tasks: (i) to remove common mode noise by the differential amplifier, (ii) to sample the V diff secondary by the ADC, (iii) to generate the B internal and settle it (i.e., PID controller), (iv) to convert the u(k) to I primary by the DAC, and (v) to provide the B internal in opposite polarity. In Table 6, we provide the amount of time required to execute each of these tasks along with the name of the block responsible for each task.
From Table 6, it is important to note that PreMSat can provide the B internal within 28.79 µs. This execution time is deterministic, and no additional latency/delay is involved in this process. Therefore, PreMSat can prevent the saturation attack within 28.79 µs that can be termed as a real-time defense against the saturation attack.

Feasible structure, and maintenance
To integrate the Hall and secondary sensors in a toroid, a small gap needs to be created in the cross-section of a toroid. Industries are already using a similar structure where creating a small gap and winding a primary coil is similar to creating a transformer  in [Hon19]). Therefore, the structure is feasible in today's technology. Moreover, regular maintenance is sufficient as PreMSat does not have parts that may be easily damaged.

Cost
The total cost of our prototype is ∼$14, comparable with the sensor cost (∼$2-$70). However, the actual cost will be much less than ∼$14 in mass level production.

Power consumption
The CPU runs at a low power, ADCs work at a low sampling frequency (i.e., 35 kHz), and the buffer, primary coil, and ferrite core consume low power when no attack happens. The overall power consumption when no attack happens is ∼ 5 mW. However, when an attack happens, the CPU and ADCs start working with high frequencies, and the primary coil generates fields B internal . The primary coil is the main source of power consumption during an attack as it needs to generate a counter MMF. We use Mn-Zn soft-ferrite as the toroid, which has high relative permeability and magnetization. Therefore, the primary coil can generate strong counter MMF (i.e., 0-4200 A-t), consuming power within 0-3 W. Moreover, Mn-Zn soft-ferrite has low resistance resulting in a low eddy-current loss. The overall power consumption when an attack happens is ∼ 5 mW-3 W.

Demonstration of preventing the saturation attack
In this section, we demonstrate PreMSat's capability on a practical system -a grid-tied solar inverter. Grid-tied solar inverters are critical components in smart grids and are typically used as a power source in solar plants. Solar inverters have Hall sensors, which are typically used to measure AC and DC current or voltage [SWXL18]. Therefore, an attacker can target Hall sensors located in grid-tied inverters and inject external magnetic fields to drive Hall sensors to their saturation regions. This type of attack can shut down the inverter, and for a weak grid scenario, it can also cause a blackout in the region. To demonstrate that PreMSat can prevent the saturation attack, we use a 140 Watt inverter from Texas Instruments [tex] in the testbed. This inverter has a Hall effect current sensor with a part # ACS712ELCTR-20A-T. At first, we inject constant, sinusoidal, and pulsating magnetic fields into the inverter with an MMF = 3600 A-t from a 1 cm distance. This causes a saturation attack on the Hall sensor located inside of the inverter. As a result, the inverter shuts down itself, causing a DoS attack on the inverter. To evaluate PreMSat, we integrate PreMSat with the Hall sensor and repeat the same experiment (Fig. 10). We notice that the inverter continues working without any shutdown at this time. This proves that PreMSat can prevent the saturation attack on a practical system.

Strong Electromagnet
Compromised Hall sensor of the inverter Grid-tied solar inverter PreMSat 1 cm Figure 10: PreMSat prevents the saturation attack on the grid-tied solar inverter.

Power consumption and usability of PreMSat
PreMSat consumes 0 -3 W power while generating a strong internal field. The power consumption may be small for some applications, such as solar inverters and automotives, but may be substantial for few applications, such as proximity detection and position sensing. Moreover, the toroid has a 1.3 cm outer radius which is accommodable if designers would plan ahead to provide the space so that it would not affect the common use cases. However, few applications, such as Hall sensors in brush-less motors, may not fit the toroid. Moreover, the current prototype cannot be directly applicable to multiple axis Hall sensors. However, the idea of generating an internal magnetic field to nullify the external field would be applicable to a multiple-axis sensor with a change in the ferrite core's structure.

Non-zero settling time of the PID controller
It is already described in Section 4.3.2 that the PID controller has a non-zero settling time (i.e., 23 µs), which is also the main contributing factor to the total time (see Table 6) required to generate the B internal . Therefore, if the attacker changes the injected magnetic fields B external within 23 µs, the timeliness of the defense will not be guaranteed. We have already finely tuned the values of K p , K i , K d to obtain the lowest possible rise-time and settling time for the PID controller.

Non-zero steady-state error of the PID controller
The PID controller is tuned in such a way to have the lowest amount of steady-state error (i.e., <1%) possible for the problem at hand. In spite of the fine-tuning, the PID controller has a non-zero steady-state error, which may add error to the B internal while nullifying the B v external . However, <1% error is negligible compared to the large values of the B v external required for the saturation attack. For example, 3600 A-t is required for the saturation attack from a 1 cm distance, and 1% of 3600 A-t is only 36 A-t, which results in a negligible noise at the output of the Hall sensor.

Upper limit strength of the injected B external
Our prototype can prevent an external magnetic field B external up to an MMF of 4200 A-t. The reason behind this is that our prototype cannot generate a B internal having an MMF more than 4200 A-t. The upper limit 4200 A-t is limited by the amount of power that the buffer can provide. The idea is supported by Eqn. 4, which says B internal depends on the I primary . The I primary is provided by the buffer to the primary coil. The buffer used in the prototype has its maximum capacity that can support a I primary , which can generate an MMF up to 4200 A-t. However, the limit can be theoretically increased from 4200 A-t to any higher value using a stronger buffer, causing a trade-off between cost and strength.

Upper limit frequency of the injected B external
Our prototype can prevent the B external up to a frequency of ∼30 kHz. The upper limit 30 kHz results from the total time 28.79 µs required to generate the B internal (see Table  6). The reciprocal of 28.79 µs is 1/ 28.79 µs = ∼35 kHz. The prototype supports up to ∼30 kHz instead of 35 kHz because an additional time is spent to overcome the parasitic inductance/capacitance present in the primary coil. Note that the total time of 28.79 µs is obtained for our prototype using a clock frequency of 48 MHz. This time can be reduced further using a faster CPU having a clock frequency higher than 48 MHz.

Related work
To the best of our knowledge, no state-of-the-art work can prevent a saturation attack on Hall sensors. However, there is related work exists for other sensors that cannot be used to prevent a saturation attack on Hall sensors for the following reasons. Barua et al. [BAF22] proposed an in-sensor defense for Hall sensors. However, it does not work for a saturation attack. Trippel et al. [TWX + 17] proposed randomized and 180 0 out-of-phase sampling to provide defenses against an acoustic signal injection into MEMS accelerometers. They sample at random times with 180 0 out-of-phase within the resonant frequency period to nullify the spoofing signals. They are not suitable for saturation attacks because: (i) They can only filter out a forged signal, which has a frequency equal to the resonant frequency of the MEMS sensor. Therefore, they do not work other than a specific resonant frequency, for example, any attack frequency. (ii) They do not work against a DC/constant forged signal because randomized sampling cannot filter out a DC signal. (iii) They do not work when the sensor output is flattened.
Cheng et al. [CSWL14] and Alexander [Ale19] from Allegro Microsys. used differential sensing by using two sensing elements to cancel out common-mode attack signals. However, it does not prevent a sensor output from getting flattened during a saturation attack.
Kune et al. [KBC + 13] used an adaptive filter to mitigate EMIs in microphones. An adaptive filter estimates EMIs first and then subtracts the estimated EMIs from the original signal to recover the original signal. This technique cannot estimate any attack signal if the sensor output is flattened because of the saturation attack.
Zhang et al.
[ZYJ + 17] used a Support Vector Machine (SVM), and Roy et al. [RSHC18] used a non-linearity tracing classifier to filter inaudible ultrasonic voice commands from MEMS microphones. They have the following limitations: (i) They will work only for spoofing signals located in ultrasonic frequency band (> 20kHz), which has a clear separation from the audible voice signals (< 20 kHz). As the spoofing signal may share the same band as the original signal in Hall sensors, these defenses don't work for Hall sensors. (ii) They don't work if the sensor output is flattened because of the saturation attack.
Shoukry et al. [SMY + 15] proposed PyCRA to detect spoofing attempts by turning off the active sensor's transmitter at random instants such that the attacker cannot react to the sudden changes. However, PyCRA only works for active sensors; it is not applicable for passive sensors. Moreover, PyCRA only detects intentional spoofing but cannot prevent it.
Wang et al.
[WXZ + 14] designed a state graph-based approach to detect state corruption due to intentional spoofing. Again, Shoukry et al. [SNB + 15] used the satisfiability modulo theory (SMT) to recover from corrupted states. The main drawback of the above-mentioned state recovery techniques as a defense is that they do not work against time-varying spoofing signals, which may create oscillations between corrupted and recovered states of the system controller. The oscillations between corrupted and recovered states may eventually compromise the integrity and availability [CAS + 09, W + 16] of the system under attack. Moreover, they cannot prevent saturation attacks on any sensor.
In contrast, PreMSat uses a PID controller to generate an internal magnetic field to nullify the injected external field. The PID controller can nullify the injected external field even if the injected external field (i) is constant, sinusoidal or square magnetic fields, (ii) has zero/DC frequency, (iii) has the same frequency as the natural signal being measured, and (iv) can cause a saturation attack. Moreover, PreMSat can work against ∼ 4200 A-t and within 0-30 kHz. However, PreMSat achieves these advantages with high power and physical overhead compared to recent works (see Table 7 for a summary).

Conclusion
PreMSat is the first of its kind in literature and industry that can prevent the saturation attack satisfactorily on passive Hall sensors. PreMSat can prevent the saturation attack originating from different types, such as constant, sinusoidal, and pulsating magnetic fields, in hard real-time. Moreover, PreMSat can also prevent weak magnetic spoofing in the linear region of the differential amplifier. PreMSat integrates a low resistive magnetic path to collect the external magnetic fields injected by the attacker and utilizes a finely tuned PID controller to nullify the external fields. The PID controller is tuned in such a way that it has minimum settling time and steady-state error. This helps to keep the existing data processing speed of the connected system undisturbed. We have presented a prototype of PreMSat, which can nullify external fields up to ∼ 4200 A-t. We have done an extensive analysis of PreMSat through more than 300 experiments on ten different Hall sensors from four different manufacturers and proved its efficacy against the saturation attack. However, PreMSat has high power cost and overhead that might not be suitable for all applications. Moreover, we have demonstrated the efficacy of PreMSat on a practical system -a grid-tied solar inverter. The demonstration proves that PreMSat can prevent the DoS attack on a practical system by nullifying the saturation attack on a Hall sensor. Finally, we believe that the necessity of developing a similar defense like ours is going to be increased in the near future for other sensors when sensors will pervade our lives.