Minimizing Side-Channel Attack Vulnerability via Schedule Randomization

Control systems can be vulnerable to security threats where an attacker gathers information about the execution of the system. In particular, side-channel attacks exploit the predictability of real-time control systems and of their schedules. To counteract their action, a scheduler can randomize the temporal execution of tasks and limit the amount of information the attacker can gather. Schedule randomization is aimed at achieving the highest possible schedule diversity (measured using the upper-approximated entropy) during the real-time execution of the controller. This paper investigates fundamental limitations of schedule randomization for a generic taskset. The constructed schedule set has minimal size and achieves the highest possible upper-approximated entropy.
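The diversity measure named in the abstract can be computed directly for a small schedule set. The following is an added example, not code from the paper: it assumes the slot-wise definition of upper-approximated entropy (the sum, over the time slots of one hyperperiod, of the Shannon entropy of which task occupies the slot) with schedules drawn uniformly, and the two-task taskset and the names `valid_schedules`, `SMALL_SET` and `FIXED` are constructed for illustration.

```python
import math
from collections import Counter
from itertools import permutations


def uniform_entropy(items):
    """Shannon entropy (bits) of drawing one element of `items` uniformly."""
    n = len(items)
    return -sum(c / n * math.log2(c / n) for c in Counter(items).values())


def upper_approx_entropy(schedules):
    """Assumed definition: sum of per-slot entropies over the hyperperiod."""
    return sum(uniform_entropy(slot) for slot in zip(*schedules))


def valid_schedules():
    """Constructed taskset over a 4-slot hyperperiod:
    A has period 2 and runs 1 slot per period, B has period 4 and runs
    1 slot, '.' is idle. Enumerate every schedule meeting all deadlines."""
    found = set()
    for perm in permutations("AAB."):
        s = "".join(perm)
        if s[:2].count("A") == 1 and s[2:].count("A") == 1:
            found.add(s)
    return sorted(found)


# Constructed 4-schedule subset with the same per-slot task frequencies
# as the full valid set (each slot: A twice, B once, idle once).
SMALL_SET = ["AB.A", "BAA.", ".AAB", "A.BA"]
FIXED = ["AB.A"]  # a static schedule repeated every hyperperiod

if __name__ == "__main__":
    full = valid_schedules()
    for name, sset in (("fixed", FIXED), ("small", SMALL_SET), ("full", full)):
        print(f"{name:5s} size={len(sset)} "
              f"upper-approx={upper_approx_entropy(sset):.2f} bits "
              f"exact={uniform_entropy(sset):.2f} bits")
```

The four-schedule subset reaches the same upper-approximated entropy as all eight valid schedules because the measure depends only on per-slot task frequencies, while the exact entropy of the schedule choice itself is lower for the smaller set.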
