DREAMS: Secure communication between resource management components in networked multi-core systems

• Published in: 2016 IEEE Conference on Open Systems (ICOS) pp. 99 - 104
• Main Authors: Koller, Thomas, Gala, Gautam, Perez, Daniel Gracia, Ruland, Christoph, Fohler, Gerhard
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.10.2016
• Subjects: Access control; Computer architecture; Conferences; cyber-physical systems; Libraries; mixed-criticality; Receivers; Resource management; security; service based architecture
• ISSN: 2473-3660
• DOI: 10.1109/ICOS.2016.7881996

In mixed-criticality systems, resource management services are required to recognize and fulfill system wide high-level constraints, e.g., end-to-end deadlines. This is not possible through individual resources in isolation. Instead, a system-wide view is necessary which requires system-wide decisions. In the European FP7 project DREAMS, services for system-wide adaptability of mixed-criticality applications consuming several resources are provided via a hierarchical resource management. The resource management is a promising target for a passive as well as an active attacker since it deals with critical information of the system. The fact of having the authority to actively take decisions on resource allocation makes it an interesting target. Therefore, security mechanisms are required to ensure an adequate protection of the system's resource management. This paper introduces the DREAMS secure resource management services, specifically secure communication between the resource managers. Furthermore, the resource management infrastructure is analyzed with respect to possible attacks and suitable countermeasures are discussed. A security library is developed in accordance to the identified countermeasures and implemented as a proof of concept.