A Survey on Reconfigurable Intelligent Surfaces in Practical Systems: Security and Privacy Perspectives
Ziyu Chen, Yitong Shen, Jingzhe Zhang, Yao Zheng, Yili Ren, Xuyu Wang, Shiwen Mao, Hanqing Guo
TL;DR
This paper addresses security and privacy in practical RIS-enabled wireless systems, identifying how RIS reshapes propagation to create new attack surfaces. It provides a comprehensive taxonomy of threats (jamming, eavesdropping, spoofing) and defenses, covering securing RIS-aided systems, defending against rogue RIS devices, and using RIS for defense. The authors synthesize limitations across CSI requirements, computational complexity, energy/range, mobility, and hardware concerns, and outline concrete future directions, including CSI-free strategies, real-time RIS control, AI-driven defense, and real-world testbeds. A public resource hub is presented to promote reproducible RIS security research, aiming to guide secure deployment of RIS in 6G, IoT, ISAC, and related applications.
Abstract
Reconfigurable Intelligent Surfaces (RIS) have emerged as a transformative technology capable of reshaping wireless environments through dynamic manipulation of electromagnetic waves. While extensive research has explored their theoretical benefits for communication and sensing, practical deployments in smart environments such as homes, vehicles, and industrial settings remain limited and under-examined, particularly from security and privacy perspectives. This survey provides a comprehensive examination of RIS applications in real-world systems, with a focus on the security and privacy threats, vulnerabilities, and defensive strategies relevant to practical use. We analyze scenarios with two types of systems (with and without legitimate RIS) and two types of attackers (with and without malicious RIS), and demonstrate how RIS may introduce new attacks to practical systems, including eavesdropping, jamming, and spoofing attacks. In response, we review defenses against RIS-related attacks in these systems, such as applying additional security algorithms, disrupting attackers, and early detection of unauthorized RIS. We also discuss scenarios in which the legitimate user applies an additional RIS to defend against attacks. To support future research, we also provide a collection of open-source tools, datasets, demos, and papers at: https://awesome-ris-security.github.io/. By highlighting RIS's functionality and its security/privacy challenges and opportunities, this survey aims to guide researchers and engineers toward the development of secure, resilient, and privacy-preserving RIS-enabled practical wireless systems and environments.