Security-aware Routing and Scheduling for Control Applications on Ethernet TSN Networks

Today, it is common knowledge in the cyber-physical systems domain that the tight interaction between the cyber and physical elements makes it possible to improve the performance of these systems substantially, in ways that would otherwise be impossible. On the downside, however, this tight interaction with cyber elements makes it easier for an adversary to compromise the safety of the system. This is particularly important because such systems are typically composed of several critical physical components, e.g., adaptive cruise control or engine control, which allow deep intervention in the driving of a vehicle. As a result, it is important to ensure not only the reliability of such systems, e.g., in terms of schedulability and stability of control plants, but also their resilience to adversarial attacks. In this article, we propose a security-aware methodology for routing and scheduling for control applications in Ethernet networks. The goal is to maximize the resilience of control applications within these networked control systems to malicious interference while guaranteeing the stability of all control plants, despite the stringent resource constraints in such cyber-physical systems. Our experimental evaluations demonstrate that careful optimization of available resources can significantly improve the resilience of these networked control systems to attacks.
