
Security-Aware Scheduling of Embedded Control Tasks

Published: 27 September 2017

Abstract

In this work, we focus on securing cyber-physical systems (CPS) in the presence of network-based attacks, such as Man-in-the-Middle (MitM) attacks, where a stealthy attacker is able to compromise communication between system sensors and controllers. Standard methods for defending against this type of attack rely on cryptographic mechanisms, such as Message Authentication Codes (MACs), to ensure data integrity. However, this approach incurs significant computation overhead, limiting its use in resource-constrained systems. Consequently, we consider the problem of scheduling multiple control tasks on a shared processor while providing a suitable level of security guarantees. Specifically, by security guarantees we refer to control performance, i.e., Quality-of-Control (QoC), in the presence of attacks. We start by mapping requirements for QoC under attack into constraints for security-aware control tasks that, besides standard control operations, intermittently perform data authentication. This allows us to analyze the impact that security-related computation overhead has on both the schedulability of control tasks and QoC. Building on this analysis, we introduce a mixed-integer linear programming-based technique to obtain a schedulable task set with predefined QoC requirements. Also, to facilitate optimal resource allocation, we provide a method to analyze the interplay between available computational resources and the overall QoC under attack, and show how to obtain a schedulable task set that maximizes the overall QoC guarantees. Finally, we prove the usability of our approach on a case study with multiple automotive control components.


Published In

ACM Transactions on Embedded Computing Systems, Volume 16, Issue 5s
Special Issue ESWEEK 2017, CASES 2017, CODES + ISSS 2017 and EMSOFT 2017
October 2017
1448 pages
ISSN: 1539-9087
EISSN: 1558-3465
DOI: 10.1145/3145508

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 September 2017
Accepted: 01 June 2017
Revised: 01 May 2017
Received: 01 April 2017
Published in TECS Volume 16, Issue 5s

Author Tags

  1. CPS security
  2. mixed integer linear programming
  3. quality-of-control
  4. real-time scheduling

Qualifiers

  • Research-article
  • Research
  • Refereed
