Securing Real-Time Cyber-Physical Systems Using WCET-Aware Artificial Diversity

Abstract:

Artificial software diversity is an effective way to prevent software vulnerabilities and errors from being exploited in code-reuse attacks. This is achieved by lowering the individual probability of a successful attack to a level that makes the attack infeasible. Unfortunately, the existing approaches are not applicable to safety-critical real-time systems: they induce unacceptable performance overheads, they violate safety and timing guarantees, or they assume hardware resources that are typically not available in embedded systems. To overcome these problems, we propose a safe diversity approach that preserves the timing properties of real-time processes by controlling its impact on the worst-case execution time (WCET). Our main idea is to use block-level diversity with a large but fixed set of movable instruction sequences, and to use static WCET analysis to identify non-critical areas of code where it can safely be split into more movable instruction sequences.
Date of Conference: 06-10 November 2017
Date Added to IEEE Xplore: 02 April 2018
Conference Location: Orlando, FL, USA