Reference : Randomization as Mitigation of Directed Timing Inference Based Attacks on Time-Trigge...
Scientific journals : Article
Engineering, computing & technology : Computer science
Randomization as Mitigation of Directed Timing Inference Based Attacks on Time-Triggered Real-Time Systems with Task Replication
Krüger, Kristin [Technische Universität Kaiserslautern > Department of Electrical and Computer Engineering]
Vreman, Nils [Lund University > Department of Automatic Control]
Pates, Richard [Lund University > Department of Automatic Control]
Maggio, Martina [Lund University > Department of Automatic Control > > ; Saarland University > Department of Computer Science]
Volp, Marcus mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX >]
Fohler, Gerhard [Technische Universität Kaiserslautern > Department of Electrical and Computer Engineering]
LITES: Leibnitz Transactions on Embedded Systems
[en] real-time ; security
[en] Time-triggered real-time systems achieve deterministic behavior using schedules that are constructed offline, based on scheduling constraints. Their deterministic behavior makes time-triggered systems suitable for usage in safety-critical environments, like avionics. However, this determinism also allows attackers to fine-tune attacks that can be carried out after studying the behavior of the system through side channels, targeting safety-critical victim tasks. Replication – i.e., the execution of task variants across different cores – is inherently able to tolerate both accidental and malicious faults (i.e. attacks) as long as these faults are independent of one another. Yet, targeted attacks on the timing behavior of tasks which utilize information gained
about the system behavior violate the fault independence assumption fault tolerance is based on.
This violation may give attackers the opportunity to compromise all replicas simultaneously, in par-
ticular if they can mount the attack from already compromised components. In this paper, we ana-
lyze vulnerabilities of time-triggered systems, focusing on safety-certified multicore real-time systems. We introduce two runtime mitigation strategies to withstand directed timing inference based attacks: (i) schedule randomization at slot level, and (ii) randomization within a set of offline constructed schedules. We evaluate these mitigation strategies with synthetic experiments and a real case study to show their effectiveness and practicality.
Researchers ; Professionals ; Students
H2020 ; 871259 - ADMORPH - Towards adaptively morphing systems
FnR ; FNR13691843 > Marcus Völp > ByzRT > Byzrt: Intrusion Resilient Real-time Communication And Computation In Autonomous Systems > 01/09/2020 > 31/08/2023 > 2019

File(s) associated to this reference

Fulltext file(s):

Open access
Krueger-LIPICS2020.pdfPublisher postprint1.2 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.