References of "Fohler, Gerhard"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailRandomization as Mitigation of Directed Timing Inference Based Attacks on Time-Triggered Real-Time Systems with Task Replication
Krüger, Kristin; Vreman, Nils; Pates, Richard et al

in LITES: Leibnitz Transactions on Embedded Systems (2021)

Time-triggered real-time systems achieve deterministic behavior using schedules that are constructed offline, based on scheduling constraints. Their deterministic behavior makes time-triggered systems ... [more ▼]

Time-triggered real-time systems achieve deterministic behavior using schedules that are constructed offline, based on scheduling constraints. Their deterministic behavior makes time-triggered systems suitable for usage in safety-critical environments, like avionics. However, this determinism also allows attackers to fine-tune attacks that can be carried out after studying the behavior of the system through side channels, targeting safety-critical victim tasks. Replication – i.e., the execution of task variants across different cores – is inherently able to tolerate both accidental and malicious faults (i.e. attacks) as long as these faults are independent of one another. Yet, targeted attacks on the timing behavior of tasks which utilize information gained about the system behavior violate the fault independence assumption fault tolerance is based on. This violation may give attackers the opportunity to compromise all replicas simultaneously, in par- ticular if they can mount the attack from already compromised components. In this paper, we ana- lyze vulnerabilities of time-triggered systems, focusing on safety-certified multicore real-time systems. We introduce two runtime mitigation strategies to withstand directed timing inference based attacks: (i) schedule randomization at slot level, and (ii) randomization within a set of offline constructed schedules. We evaluate these mitigation strategies with synthetic experiments and a real case study to show their effectiveness and practicality. [less ▲]

Detailed reference viewed: 47 (3 UL)
Full Text
Peer Reviewed
See detailVulnerability Analysis and Mitigation of Directed Timing Inference Based Attacks on Time-Triggered Systems
Krüger, Kristin; Volp, Marcus UL; Fohler, Gerhard

in LIPIcs-Leibniz International Proceedings in Informatics (2018), 106

Much effort has been put into improving the predictability of real-time systems, especially in safety-critical environments, which provides designers with a rich set of methods and tools to attest safety ... [more ▼]

Much effort has been put into improving the predictability of real-time systems, especially in safety-critical environments, which provides designers with a rich set of methods and tools to attest safety in situations with no or a limited number of accidental faults. However, with increasing connectivity of real-time systems and a wide availability of increasingly sophisticated exploits, security and, in particular, the consequences of predictability on security become concerns of equal importance. Time-triggered scheduling with offline constructed tables provides determinism and simplifies timing inference, however, at the same time, time-triggered scheduling creates vulnerabilities by allowing attackers to target their attacks to specific, deterministically scheduled and possibly safety-critical tasks. In this paper, we analyze the severity of these vulnerabilities by assuming successful compromise of a subset of the tasks running in a real-time system and by investigating the attack potential that attackers gain from them. Moreover, we discuss two ways to mitigate direct attacks: slot-level online randomization of schedules, and offline schedule-diversification. We evaluate these mitigation strategies with a real-world case study to show their practicability for mitigating not only accidentally malicious behavior, but also malicious behavior triggered by attackers on purpose. [less ▲]

Detailed reference viewed: 156 (7 UL)
Full Text
Peer Reviewed
See detailImproving Security for Time-Triggered Real-Time Systems against Timing Inference Based Attacks by Schedule Obfuscation
Krüger, Kristin; Fohler, Gerhard; Volp, Marcus UL

Scientific Conference (2017, June)

Covert timing channels in real-time systems allow adversaries to not only exfiltrate application secrets but also to mount timing inference based attacks. Much effort has been put into improving real-time ... [more ▼]

Covert timing channels in real-time systems allow adversaries to not only exfiltrate application secrets but also to mount timing inference based attacks. Much effort has been put into improving real-time system predictability with the additional benefit of reducing the former class of confidentiality attacks. However, the more predictable the system behaves, the easier timing inference based attacks become. Time-triggered scheduling is particularly vulnerable to these types of attacks due to offline constructed tables that are scheduled with clock synchronization and OS-timer predictability. In this paper, we obfuscate timetriggered scheduling to complicate timing inference based attacks while maintaining strong protection against exfiltration attacks. [less ▲]

Detailed reference viewed: 86 (6 UL)