Improving Security for Time-Triggered Real-Time Systems against Timing Inference Based Attacks by Schedule Obfuscation

[en] Covert timing channels in real-time systems allow adversaries to not only exfiltrate application secrets but also to mount timing inference based attacks. Much effort has been put into improving real-time system predictability with the additional benefit of reducing the former class of confidentiality attacks. However, the more predictable the system behaves, the easier timing inference based attacks become. Time-triggered scheduling is particularly vulnerable to these types of attacks due to offline constructed tables that are scheduled with clock synchronization and OS-timer predictability. In this paper, we obfuscate timetriggered scheduling to complicate timing inference based attacks while maintaining strong protection against exfiltration attacks.

Disciplines :

Computer science

Author, co-author :

Krüger, Kristin; Technische Universit¨at Kaiserslautern, Germany

Fohler, Gerhard; Technische Universit¨at Kaiserslautern, Germany

VOLP, Marcus ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

External co-authors :

yes

Language :

English

Title :

Improving Security for Time-Triggered Real-Time Systems against Timing Inference Based Attacks by Schedule Obfuscation

Publication date :

June 2017

Number of pages :

Event name :

Work-in-Progress Proceedings ECRTS'17

Event date :

27 - 30 June 2017

Audience :

International

Available on ORBilu :

since 17 December 2017

Statistics

Number of views

93 (6 by Unilu)

Number of downloads

255 (8 by Unilu)

More statistics