A generalized model for preventing information leakage in hard real-time systems

Rodolfo Pellizzoni; Neda Paryab; Man Ki Yoon; Stanley Bak; Sibin Mohan; Rakesh B. Bobba

doi:10.1109/RTAS.2015.7108450

A generalized model for preventing information leakage in hard real-time systems

Rodolfo Pellizzoni
, Neda Paryab
, Man Ki Yoon
, Stanley Bak
, Sibin Mohan
, Rakesh B. Bobba

Computer Science

Stony Brook University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

44 Scopus citations

Abstract

Traditionally real-time systems and security have been considered as separate domains. Recent attacks on various systems with real-time properties have shown the need for a redesign of such systems to include security as a first class principle. In this paper, we propose a general model for capturing security constraints between tasks in a real-time system. This model is then used in conjunction with real-time scheduling algorithms to prevent the leakage of information via storage channels on implicitly shared resources. We expand upon a mechanism to enforce these constraints viz., cleaning up of shared resource state, and provide schedulability conditions based on fixed priority scheduling with both preemptive and non-preemptive tasks. We perform extensive evaluations, both theoretical and experimental, the latter on a hardware-in-the-loop simulator of an unmanned aerial vehicle (UAV) that executes on a demonstration platform.

Original language	English
Title of host publication	Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	271-282
Number of pages	12
ISBN (Electronic)	9781479986033
DOIs	https://doi.org/10.1109/RTAS.2015.7108450
State	Published - May 14 2015
Event	21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015 - Seattle, United States Duration: Apr 13 2015 → Apr 16 2015

Publication series

Name	Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS
Volume	2015-May

Conference

Conference	21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015
Country/Territory	United States
City	Seattle
Period	04/13/15 → 04/16/15

Access to Document

10.1109/RTAS.2015.7108450

Cite this

Pellizzoni, R., Paryab, N., Yoon, M. K., Bak, S., Mohan, S., & Bobba, R. B. (2015). A generalized model for preventing information leakage in hard real-time systems. In Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015 (pp. 271-282). Article 7108450 (Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS; Vol. 2015-May). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/RTAS.2015.7108450

Pellizzoni, Rodolfo ; Paryab, Neda ; Yoon, Man Ki et al. / A generalized model for preventing information leakage in hard real-time systems. Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 271-282 (Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS).

@inproceedings{8e5fe5af4ccb4ca285378c678fde0b0a,

title = "A generalized model for preventing information leakage in hard real-time systems",

abstract = "Traditionally real-time systems and security have been considered as separate domains. Recent attacks on various systems with real-time properties have shown the need for a redesign of such systems to include security as a first class principle. In this paper, we propose a general model for capturing security constraints between tasks in a real-time system. This model is then used in conjunction with real-time scheduling algorithms to prevent the leakage of information via storage channels on implicitly shared resources. We expand upon a mechanism to enforce these constraints viz., cleaning up of shared resource state, and provide schedulability conditions based on fixed priority scheduling with both preemptive and non-preemptive tasks. We perform extensive evaluations, both theoretical and experimental, the latter on a hardware-in-the-loop simulator of an unmanned aerial vehicle (UAV) that executes on a demonstration platform.",

author = "Rodolfo Pellizzoni and Neda Paryab and Yoon, \{Man Ki\} and Stanley Bak and Sibin Mohan and Bobba, \{Rakesh B.\}",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015 ; Conference date: 13-04-2015 Through 16-04-2015",

year = "2015",

month = may,

day = "14",

doi = "10.1109/RTAS.2015.7108450",

language = "English",

series = "Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "271--282",

booktitle = "Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015",

}

Pellizzoni, R, Paryab, N, Yoon, MK, Bak, S, Mohan, S & Bobba, RB 2015, A generalized model for preventing information leakage in hard real-time systems. in Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015., 7108450, Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS, vol. 2015-May, Institute of Electrical and Electronics Engineers Inc., pp. 271-282, 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015, Seattle, United States, 04/13/15. https://doi.org/10.1109/RTAS.2015.7108450

A generalized model for preventing information leakage in hard real-time systems. / Pellizzoni, Rodolfo; Paryab, Neda; Yoon, Man Ki et al.
Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 271-282 7108450 (Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS; Vol. 2015-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A generalized model for preventing information leakage in hard real-time systems

AU - Pellizzoni, Rodolfo

AU - Paryab, Neda

AU - Yoon, Man Ki

AU - Bak, Stanley

AU - Mohan, Sibin

AU - Bobba, Rakesh B.

PY - 2015/5/14

Y1 - 2015/5/14

N2 - Traditionally real-time systems and security have been considered as separate domains. Recent attacks on various systems with real-time properties have shown the need for a redesign of such systems to include security as a first class principle. In this paper, we propose a general model for capturing security constraints between tasks in a real-time system. This model is then used in conjunction with real-time scheduling algorithms to prevent the leakage of information via storage channels on implicitly shared resources. We expand upon a mechanism to enforce these constraints viz., cleaning up of shared resource state, and provide schedulability conditions based on fixed priority scheduling with both preemptive and non-preemptive tasks. We perform extensive evaluations, both theoretical and experimental, the latter on a hardware-in-the-loop simulator of an unmanned aerial vehicle (UAV) that executes on a demonstration platform.

AB - Traditionally real-time systems and security have been considered as separate domains. Recent attacks on various systems with real-time properties have shown the need for a redesign of such systems to include security as a first class principle. In this paper, we propose a general model for capturing security constraints between tasks in a real-time system. This model is then used in conjunction with real-time scheduling algorithms to prevent the leakage of information via storage channels on implicitly shared resources. We expand upon a mechanism to enforce these constraints viz., cleaning up of shared resource state, and provide schedulability conditions based on fixed priority scheduling with both preemptive and non-preemptive tasks. We perform extensive evaluations, both theoretical and experimental, the latter on a hardware-in-the-loop simulator of an unmanned aerial vehicle (UAV) that executes on a demonstration platform.

UR - https://www.scopus.com/pages/publications/84944674060

U2 - 10.1109/RTAS.2015.7108450

DO - 10.1109/RTAS.2015.7108450

M3 - Conference contribution

T3 - Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS

SP - 271

EP - 282

BT - Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015

Y2 - 13 April 2015 through 16 April 2015

ER -

Pellizzoni R, Paryab N, Yoon MK, Bak S, Mohan S, Bobba RB. A generalized model for preventing information leakage in hard real-time systems. In Proceedings - 21st IEEE Real Time and Embedded Technology and Applications Symposium, RTAS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 271-282. 7108450. (Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS). doi: 10.1109/RTAS.2015.7108450

A generalized model for preventing information leakage in hard real-time systems

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this