Securing Real-Time Cyber-Physical Systems Using WCET-Aware Artificial Diversity
| Field | Value |
|---|---|
| Title | Securing Real-Time Cyber-Physical Systems Using WCET-Aware Artificial Diversity |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Fellmuth, J., Herber, P., Pfeffer, T. F., Glesner, S. |
| Conference Name | 2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech) |
| ISBN Number | 978-1-5386-1956-8 |
| Keywords | Artificial Diversity, artificial software diversity, block-level diversity, code-reuse attacks, Collaboration, Cyber-physical systems, Embedded systems, hardware resources, human factors, individual probability, Layout, Metrics, movable instruction sequences, policy-based governance, Policy-Governed Secure Collaboration, probability, pubcrawl, Real-time, real-time cyber-physical systems, real-time processes, Real-time Systems, resilience, Resiliency, Safe Coding, safe diversity approach, safety-critical real-time systems, safety-critical software, security, security of data, software errors, software vulnerabilities, static WCET analysis, Timing, timing guarantees, timing properties, unacceptable performance overheads, WCET, WCET-aware artificial diversity, worst case execution time |
| Abstract | Artificial software diversity is an effective way to prevent software vulnerabilities and errors from being exploited in code-reuse attacks. This is achieved by lowering the individual probability of a successful attack to a level that makes the attack unfeasible. Unfortunately, the existing approaches are not applicable to safety-critical real-time systems as they induce unacceptable performance overheads, they violate safety and timing guarantees, or they assume hardware resources which are typically not available in embedded systems. To overcome these problems, we propose a safe diversity approach that preserves the timing properties of real-time processes by controlling its impact on the worst case execution time (WCET). Our main idea is to use block-level diversity with a large but fixed set of movable instruction sequences, and to use static WCET analysis to identify non-critical areas of code where it can safely be split into more movable instruction sequences. |
| URL | https://ieeexplore.ieee.org/document/8328432/ |
| DOI | 10.1109/DASC-PICom-DataCom-CyberSciTec.2017.88 |
| Citation Key | fellmuth_securing_2017 |