Metasploit for Cyber-Physical Security Testing with Real-Time Constraints


Date

2023-08-29

Authors

Shrestha, Sulav Lal

Advisor

Fischmeister, Sebastian

Publisher

University of Waterloo

Abstract

Metasploit is a framework for cybersecurity testing. The Metasploit Framework introduced the Hardware Bridge API to enable security testing of cyber-physical systems. Cyber-physical systems, and the tests/attacks run against them, are subject to real-time constraints. Hence, this research aims to study the temporal characteristics of tests implemented using the framework. Several factors, such as the programming language used to write tests, the overhead added by the framework, and scheduling policies, affect latency and jitter. This study uses the Controller Area Network (CAN) found in automotive systems to examine the effect of those factors on the temporal characteristics of the tests. The study evaluates (i) the latency and jitter of CAN message transmission and reception on the network and (ii) the period jitter of periodically transmitted CAN messages. Based on the results, the study determines the combination of factors that minimizes latency and jitter in the tasks considered. This work performs a case study on actual tests/attacks subject to real-time constraints and analyses the suitability of executing them using Metasploit. The study analyses the performance of tasks implemented as Metasploit modules and shows how the choice of some factors can significantly improve the temporal characteristics without modifying the Metasploit Framework. The study compares the temporal characteristics of tests implemented using the Metasploit Framework with those of tests implemented on a microcontroller platform, in this case the Arduino Uno. Finally, this work proposes a framework for integrating the Metasploit Framework with tests that execute on a microcontroller platform.

Keywords

metasploit, controller area network, cyber-physical security, real-time
