MAARS: Multi-Rate Attack-Aware Randomized Scheduling for Securing Real-time Systems

Modern Cyber-Physical Systems (CPSs) consist of numerous control units interconnected by communication networks. Each control unit executes multiple safety-critical and non-critical tasks in real-time. Most of the safety-critical tasks are executed with a fixed sampling period to ensure deterministi...

Full description

Saved in:
Bibliographic Details
Published inarXiv.org
Main Authors Sain, Arkaprava, Adhikary, Sunandan, Koley, Ipsita, Dey, Soumyajit
Format Paper
LanguageEnglish
Published Ithaca Cornell University Library, arXiv.org 01.08.2024
Subjects
Communication networks
Control equipment
Control systems
Control tasks
Cyber-physical systems
Inference
Preempting
Priority scheduling
Randomization
Real time
Safety critical
Schedules
Task scheduling
Online AccessGet full text

Cover

More Information
Summary:Modern Cyber-Physical Systems (CPSs) consist of numerous control units interconnected by communication networks. Each control unit executes multiple safety-critical and non-critical tasks in real-time. Most of the safety-critical tasks are executed with a fixed sampling period to ensure deterministic timing behaviour that helps in its safety and performance analysis. However, adversaries can exploit this deterministic behaviour of safety-critical tasks to launch inference-based-based attacks on them. This paper aims to prevent and minimize the possibility of such timing inference or schedule-based attacks to compromise the control units. This is done by switching between strategically chosen execution rates of the safety-critical control tasks such that their performance remains unhampered. Thereafter, we present a novel schedule vulnerability analysis methodology to switch between valid schedules generated for these multiple periodicities of the control tasks in run time. Utilizing these strategies, we introduce a novel Multi-Rate Attack-Aware Randomized Scheduling (MAARS) framework for preemptive fixed-priority schedulers that minimize the success rate of timing-inference-based attacks on safety-critical real-time systems. To our knowledge, this is the first work to propose a schedule randomization method with attack awareness that preserves both the control and scheduling aspects. The efficacy of the framework in terms of attack prevention is finally evaluated on several automotive benchmarks in a Hardware-in-loop (HiL) environment.
ISSN:2331-8422