Integrating Security Mechanisms in Hard Real-Time Systems

Abstract

Traditionally Real-Time Systems (RTSs) and security have been considered as separate domains. This is mostly because traditional systems employed isolated customized components, while modern systems tend to be highly interconnected and rely on open components and protocols. A wave of recent attacks on real-time systems have forced both practitioners and researchers to consider security as an essential system requirement. To propose a first step towards integrating security mechanisms in real-time systems, we focus on the problem of information leakage through shared physical resources such as cache memory. Regular security mechanisms tend to be computationally intensive, and using them as a separate protection component in hard RTSs can affect the schedulability of the system. Hence, in this work we propose two mechanisms to prevent information leakage, analyze their impact on task schedulability and study how to optimize the system configuration to minimize overhead. A new generalized security model is introduced to model the relevant security requirements. We implemented all proposed techniques on an available real-time operating systems, and evaluated their performance based on both a realistic case study of a UAV system as well as synthetic applications.