License: Creative Commons Attribution 3.0 Unported license (CC BY 3.0)
When quoting this document, please refer to the following
DOI: 10.4230/LIPIcs.ECRTS.2020.8
URN: urn:nbn:de:0030-drops-123719
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2020/12371/
Go to the corresponding LIPIcs Volume Portal

Bellec, Nicolas ; Rokicki, Simon ; Puaut, Isabelle

Attack Detection Through Monitoring of Timing Deviations in Embedded Real-Time Systems

pdf-format:
LIPIcs-ECRTS-2020-8.pdf (0.6 MB)

Abstract

Real-time embedded systems (RTES) are required to interact more and more with their environment, thereby increasing their attack surface. Recent security breaches on car brakes and other critical components have already proven the feasibility of attacks on RTES. Such attacks may change the control-flow of the programs, which may lead to violations of the system’s timing constraints.
In this paper, we present a technique to detect attacks in RTES based on timing information. Our technique, designed for single-core processors, is based on a monitor implemented in hardware to preserve the predictability of instrumented programs. The monitor uses timing information (Worst-Case Execution Time - WCET) of code regions to detect attacks. The proposed technique guarantees that attacks that delay the run-time of any region beyond its WCET are detected. Since the number of regions in programs impacts the memory resources consumed by the hardware monitor, our method includes a region selection algorithm that limits the amount of memory consumed by the monitor. An implementation of the hardware monitor and its simulation demonstrates the practicality of our approach. In particular, an experimental study evaluates the attack detection latency.

BibTeX - Entry

@InProceedings{bellec_et_al:LIPIcs:2020:12371,
  author =	{Nicolas Bellec and Simon Rokicki and Isabelle Puaut},
  title =	{{Attack Detection Through Monitoring of Timing Deviations in Embedded Real-Time Systems}},
  booktitle =	{32nd Euromicro Conference on Real-Time Systems (ECRTS 2020)},
  pages =	{8:1--8:22},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-152-8},
  ISSN =	{1868-8969},
  year =	{2020},
  volume =	{165},
  editor =	{Marcus V{\"o}lp},
  publisher =	{Schloss Dagstuhl--Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2020/12371},
  URN =		{urn:nbn:de:0030-drops-123719},
  doi =		{10.4230/LIPIcs.ECRTS.2020.8},
  annote =	{Keywords: Real-time systems, security, attack detection, control flow hijacking, WCET estimation, hardware monitoring}
}

Keywords: Real-time systems, security, attack detection, control flow hijacking, WCET estimation, hardware monitoring
Collection: 32nd Euromicro Conference on Real-Time Systems (ECRTS 2020)
Issue Date: 2020
Date of publication: 30.06.2020

DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI