[en] The Time-Triggered Architecture (TTA) presents a blueprint for building safe and real-time constrained distributed systems, based on a set of orthogonal concepts that make extensive use of the availability of a globally consistent notion of time and a priori knowledge of events. Although the TTA tolerates arbitrary failures of any of its nodes by architectural means (active node replication, a membership service, and bus guardians), the design of these means considers only accidental faults. However, distributed safety- and real-time critical systems have been emerging into more open and interconnected systems, operating autonomously for prolonged times and interfacing with other possibly non-real-time systems. Therefore, the existence of vulnerabilities that adversaries may exploit to compromise system safety cannot be ruled out. In this paper, we discuss potential targeted attacks capable of bypassing TTA's fault-tolerance mechanisms and demonstrate how two well-known recovery techniques - proactive and reactive rejuvenation - can be incorporated into TTA to reduce the window of vulnerability for attacks without introducing extensive and costly changes.
Disciplines :
Computer science
Author, co-author :
Alkoudsi, Mohammad Ibrahim; TU Kaiserslautern > Electrical Engineering
Fohler, Gerhard; TU Kaiserslautern > Electrical Engineering
Volp, Marcus ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX
External co-authors :
yes
Language :
English
Title :
Tolerating Resource Exhaustion Attacks in the Time-Triggered Architecture
Publication date :
21 November 2022
Number of pages :
8
Event name :
Brazilian Symposium on Computing Systems Engineering (SBESC)
