Sechduler: A Security-Aware Kernel Scheduler

Trustworthy operation of safety-critical infrastructures necessitates efficient solutions that satisfy both realtimeness and security requirements simultaneously. In this paper, we present Sechduler, a formally verifiable security-aware operating system scheduler that dynamically ensures that system computational resources are allocated to the waiting tasks in an optimal order such that, when feasible, neither the real-time nor the security requirements of the system are violated. When both requirements cannot be satisfied simultaneously, Sechduler uses easy-to-define linear temporal logic (LTL) policies, together with automatically generated Büchi automaton-based monitors compiled as loadable kernel modules, to enforce which requirement takes priority. Our experimental results show that Sechduler can adaptively enforce system-wide logic-based temporal policies within the kernel with a minimal performance overhead of 3% on average, guaranteeing a high level of combined security and realtimeness.
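The following is an added user-space model of the decision the abstract describes, not Sechduler's own code: waiting tasks carry deadlines and a security flag, a hand-written two-state monitor stands in for a generated Büchi monitor over one fixed LTL policy, and when no order satisfies both deadlines and the policy, a configured preference decides which requirement gives way. Unit-time tasks, the specific policy G(sec_pending -> X sec_dispatched), and brute-force search over orders are assumptions for the illustration.

```python
from dataclasses import dataclass
from itertools import permutations

@dataclass(frozen=True)
class Task:
    name: str
    deadline: int           # absolute deadline; each task runs for one time unit (assumed)
    security: bool = False  # e.g. an integrity check the security policy cares about

def missed_deadlines(order):
    """Tasks finishing late when dispatch starts at t=0 (task i ends at i+1)."""
    return sum(1 for i, t in enumerate(order) if i + 1 > t.deadline)

def policy_holds(order):
    """Hand-built monitor for the LTL policy G(sec_pending -> X sec_dispatched):
    whenever a security task is still waiting, the task dispatched next must be
    a security task. Two states: 'ok' and the absorbing 'violated'."""
    state = "ok"
    for i, t in enumerate(order):
        sec_pending = any(u.security for u in order[i:])
        if state == "ok" and sec_pending and not t.security:
            state = "violated"
    return state == "ok"

def schedule(tasks, prefer="security"):
    """Return (order, realtime_ok, security_ok) for the waiting tasks.
    An order meeting every deadline and the policy monitor wins outright;
    otherwise the fallback satisfies the preferred requirement first
    ('security' or 'realtime'), then the other, then misses fewest deadlines.
    Brute force over permutations is fine for a handful of tasks."""
    best = None
    for order in permutations(tasks):
        missed = missed_deadlines(order)
        rt_ok, sec_ok = missed == 0, policy_holds(order)
        if rt_ok and sec_ok:
            return list(order), True, True
        rank = (sec_ok, rt_ok, -missed) if prefer == "security" else (rt_ok, sec_ok, -missed)
        if best is None or rank > best[0]:
            best = (rank, list(order), rt_ok, sec_ok)
    return best[1], best[2], best[3]

# Constructed samples: FEASIBLE admits an order satisfying both requirements,
# CONFLICT does not, so the preference policy decides which one gives way.
FEASIBLE = [Task("A", 3), Task("S", 2, security=True), Task("B", 3)]
CONFLICT = [Task("A", 1), Task("S", 3, security=True)]

if __name__ == "__main__":
    print(schedule(FEASIBLE))
    print(schedule(CONFLICT, prefer="security"))
    print(schedule(CONFLICT, prefer="realtime"))
```

For CONFLICT, running task A first meets its deadline but dispatches a non-security task while S is pending, and running S first satisfies the monitor but makes A late; the `prefer` argument plays the role of the priority policy the abstract mentions.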
