{"title":"T-SYS: Timed-Based System Security for Real-Time Kernels","authors":"Brayden McDonald, F. Mueller","doi":"10.1109/iccps54341.2022.00029","DOIUrl":null,"url":null,"abstract":"The increasing proliferation of cyber-physical systems in a multitude of applications presents a pressing need for effective methods of securing such devices. Many such systems are subject to tight timing constraints, which are poorly suited to traditional security methods due to the large runtime overhead and execution time variation introduced. However, the regular (and well documented) timing specifications of real-time systems open up new avenues with which such systems can be secured. This paper contributes T-SYS, a timed-system method of detecting intrusions into real-time systems via timing anomalies. A prototype implementation of T-SYS is integrated into a commercial real-time operating system (RTOS) in order to demonstrate its feasibility. Further, a compiler-based tool is developed to realize a T-SYS implementation with elastic timing bounds. This tool sup-ports integration of T-SYS protection into applications as well as the RTOS the kernel itself. Results on an ARM hardware platform with benchmark tasks including those drawn from an open-source UAV code base compare T-SYS with another method of timing-based intrusion detection and assess its effectiveness in terms of detecting attacks as they intrude a system.","PeriodicalId":340078,"journal":{"name":"2022 ACM/IEEE 13th International Conference on Cyber-Physical Systems (ICCPS)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 ACM/IEEE 13th International Conference on Cyber-Physical Systems (ICCPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/iccps54341.2022.00029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The increasing proliferation of cyber-physical systems in a multitude of applications presents a pressing need for effective methods of securing such devices. Many such systems are subject to tight timing constraints, which are poorly suited to traditional security methods due to the large runtime overhead and execution time variation introduced. However, the regular (and well documented) timing specifications of real-time systems open up new avenues with which such systems can be secured. This paper contributes T-SYS, a timed-system method of detecting intrusions into real-time systems via timing anomalies. A prototype implementation of T-SYS is integrated into a commercial real-time operating system (RTOS) in order to demonstrate its feasibility. Further, a compiler-based tool is developed to realize a T-SYS implementation with elastic timing bounds. This tool sup-ports integration of T-SYS protection into applications as well as the RTOS the kernel itself. Results on an ARM hardware platform with benchmark tasks including those drawn from an open-source UAV code base compare T-SYS with another method of timing-based intrusion detection and assess its effectiveness in terms of detecting attacks as they intrude a system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
