Collision-free time-triggered communication in distributed safety- and real-time-critical systems relies on approximately synchronized clocks, a-priori-defined communication schedules, and network guardians, synchronized in the same manner, which inhibit a node's network access outside its scheduled times. However, the ever-increasing complexity and interconnectivity of such systems render contemporary network-aware guardians unsuitable: firstly, developing new guardian solutions specific to each network protocol and topology incurs significant cost, complexity and certification effort. Secondly, contemporary network guardians lack the means to protect against repetitive cyberattacks that exhaust system synchrony. In this paper, we investigate a novel class of time-domain attacks aimed at exhausting nodes by tampering with the synchrony of their network-agnostic guardians. We counter these attacks by introducing SyncGuard, the first network-agnostic, time-domain-attack-resilient guardian. SyncGuard-equipped systems avoid synchrony exhaustion attacks by jointly coordinating network access and node rejuvenation.
Disciplines: Computer science
Author, co-author: Alkoudsi, Mohammad Ibrahim; RPTU Kaiserslautern-Landau, Kaiserslautern, Germany
IEEE; IEEE Computer Society; Nanyang Technological University, Singapore; Singapore Management University (SMU), School of Computing and Information Systems