首页    期刊浏览 2025年02月26日 星期三
登录注册

文章基本信息

  • 标题:Vulnerability Analysis and Mitigation of Directed Timing Inference Based Attacks on Time-Triggered Systems
  • 作者:Kristin Kr{\"u}ger ; Marcus V{\"o}lp ; Gerhard Fohler
  • 期刊名称:LIPIcs : Leibniz International Proceedings in Informatics
  • 电子版ISSN:1868-8969
  • 出版年度:2018
  • 卷号:106
  • 页码:22:1-22:17
  • DOI:10.4230/LIPIcs.ECRTS.2018.22
  • 出版社:Schloss Dagstuhl -- Leibniz-Zentrum fuer Informatik
  • 摘要:Much effort has been put into improving the predictability of real-time systems, especially in safety-critical environments, which provides designers with a rich set of methods and tools to attest safety in situations with no or a limited number of accidental faults. However, with increasing connectivity of real-time systems and a wide availability of increasingly sophisticated exploits, security and, in particular, the consequences of predictability on security become concerns of equal importance. Time-triggered scheduling with offline constructed tables provides determinism and simplifies timing inference, however, at the same time, time-triggered scheduling creates vulnerabilities by allowing attackers to target their attacks to specific, deterministically scheduled and possibly safety-critical tasks. In this paper, we analyze the severity of these vulnerabilities by assuming successful compromise of a subset of the tasks running in a real-time system and by investigating the attack potential that attackers gain from them. Moreover, we discuss two ways to mitigate direct attacks: slot-level online randomization of schedules, and offline schedule-diversification. We evaluate these mitigation strategies with a real-world case study to show their practicability for mitigating not only accidentally malicious behavior, but also malicious behavior triggered by attackers on purpose.
  • 关键词:real-time systems; time-triggered systems; security; vulnerability
Loading...
联系我们|关于我们|网站声明
国家哲学社会科学文献中心版权所有