SaTC: CORE: Small: An Exploration of Schedule-Based Vulnerabilities In Real-Time Embedded Systems

SaTC：核心：小型：实时嵌入式系统中基于调度的漏洞的探索

• 批准号: 1718952
• 负责人: Sibin Mohan
• 金额: $ 50万
• 依托单位: University of Illinois at Urbana-Champaign
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2021-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1718952&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Exploration; Schedule

Many safety-critical systems such as automobiles, aircraft, medical devices, and power plants are controlled by real-time, embedded systems. As such systems are interconnected via networks such as the Internet, they have become increasingly vulnerable to cyber attacks. This project is studying vulnerabilities of such systems, how attackers might avoid detection, and protection strategies. This project focuses on the surveillance phase of a cyber attack against an embedded, real-time system (RTS). The researchers are addressing the following question: How can an adversary extract critical information about an operational RTS, while avoiding detection? In this environment, task scheduling (e.g., when will an import program be executed?) is exceptionally critical information, enabling an attacker to launch a targeted attack against specific, important tasks. To succeed in gathering the necessary information and launching an attack, the attacker must avoid perturbing the system in ways that might reveal his or her presence. The researchers are developing algorithms and side-channel metrics to study what they could reveal about system schedule characteristics and task start times and duration estimates. Based on these studies, the team is designing randomization-based mitigations for such attacks. Results are evaluated both through simulation and through experiments on real embedded platforms.

许多安全关键系统，如汽车、飞机、医疗设备和发电厂，都是由实时嵌入式系统控制的。由于此类系统通过互联网等网络互连，因此它们越来越容易受到网络攻击。该项目正在研究此类系统的漏洞、攻击者如何避免检测以及保护策略。该项目重点关注针对嵌入式实时系统 (RTS) 的网络攻击的监视阶段。 研究人员正在解决以下问题：对手如何提取有关正在运行的 RTS 的关键信息，同时避免被发现？在这种环境下，任务调度（例如导入程序何时执行？）是异常关键的信息，使得攻击者能够针对特定的重要任务发起有针对性的攻击。为了成功收集必要的信息并发起攻击，攻击者必须避免以可能暴露其存在的方式扰乱系统。研究人员正在开发算法和旁道指标，以研究它们可以揭示有关系统调度特征以及任务开始时间和持续时间估计的信息。 根据这些研究，该团队正在为此类攻击设计基于随机化的缓解措施。通过仿真和真实嵌入式平台上的实验来评估结果。

项目成果

A Novel Side-Channel in Real-Time Schedulers

• DOI: 10.1109/rtas.2019.00016
• 发表时间: 2018-06-05
• 期刊: 2019 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS)
• 作者: Chien;Sibin Mohan;R. Pellizzoni;R. Bobba;N. Kiyavash
• 通讯作者: N. Kiyavash

Period Adaptation for Continuous Security Monitoring in Multicore Real-Time Systems

多核实时系统中连续安全监控的周期自适应

• DOI: 10.23919/date48585.2020.9116364
• 发表时间: 2020-03
• 期刊: Automation & Test in Europe Conference & Exhibition (DATE
• 作者: Hasan, Monowar;Mohan, Sibin;Pellizzoni, Rodolfo;Bobba, Rakesh B.
• 通讯作者: Bobba, Rakesh B.

A Covert Queueing Channel in FCFS Schedulers

FCFS调度器中的隐蔽排队通道

• DOI: 10.1109/tifs.2018.2797953
• 发表时间: 2018-06
• 期刊: IEEE Transactions on Information Forensics and Security
• 影响因子: 6.8
• 作者: Ghassami, AmirEmad;Kiyavash, Negar
• 通讯作者: Kiyavash, Negar

Preserving Physical Safety Under Cyber Attacks

在网络攻击下保护人身安全

• DOI: 10.1109/jiot.2018.2889866
• 发表时间: 2019-08-01
• 期刊: IEEE Internet of Things Journal
• 影响因子: 10.6
• 作者: Fardin Abdi;Chien;M. Hasan;Songran Liu;Sibin Mohan;M. Caccamo
• 通讯作者: M. Caccamo

Indistinguishability Prevents Scheduler Side Channels in Real-Time Systems

不可区分性阻止了实时系统中的调度程序侧通道

• DOI: 10.1145/3460120.3484769
• 发表时间: 2021-11-12
• 期刊: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Chien;Debopam Sanyal;Sibin Mohan
• 通讯作者: Sibin Mohan