About Me     Research     CV     Publications         Professional     Personal

Integrating Security in Real-Time Embedded Systems

Embedded real-time systems (RTS) are used to monitor and control physical systems and processes in varied domains. Formerly, most such systems remained isolated from the rest of the world, and applications were partitioned in isolated processing nodes that offered protection from cyber-attacks. Increasingly, these systems are now being connected together, and there does not exist a comprehensive framework for integrating security into embedded RTS; retrofitting existing systems is usually ineffective.
Traditionally, real-time systems are modeled as sets of periodic tasks that are then scheduled on a collection of resources. Any security-related mechanisms must work within the imposed restrictions of real-time systems; on the other hand, those properties of RTS make it easier to model systems and perform rigorous analysis of developed solutions.

This project is aimed at developing (1) an understanding of threat landscapes; (2) security mechanisms that are unique to this domain; and (3) theories, policies, models, algorithms, and mechanisms that bring the domains of security and real-time systems together. The work is answering questions such as: when solutions are developed that integrate security with real-time systems theory, can we classify solutions based on how effectively they meet real-time requirements as well as improve system security? Can this be used to aid in development of robust systems that can monitor themselves and detect events?
  1. Sibin Mohan [UIUC]
  2. Rakesh Bobba [UIUC]
  3. Rodolfo Pellizzoni [University of Waterloo]
  4. Marco Caccamo [UIUC]
  5. Man-Ki Yoon [UIUC]
  6. Stanley Bak [Air Force Research Labs, Rome, NY]
  7. Neda Paryab [University of Waterloo]
  8. Chien-Ying (CY) Chen [UIUC]
  9. Monowar Hasan [UIUC]
  10. Fardin Abdi Taghi Abad [UIUC]
I. In initial work, we have been able to cast certain security properties (viz. information leakage) as constraints for fixed-priority real-time schedulers. Using traditional schedulability and response-time analysis we have been able to show the effects of such methods. Designers of real-time systems can now decide on how much security (i.e. protection against information leakage) they can tolerate in comparison to the real-time requirements.

  1. Real-Time Systems Security Through Scheduler Constraints by S. Mohan, M. K. Yoon, R. Pellizzoni and R. Bobba published in the 26th EUROMICRO Conference on Real-Time Systems (ECRTS), Madrid, Spain, 2014.
  2. A generalized model for preventing information leakage in hard real-time systems by Rodolfo Pellizzoni, Neda Paryab, Man-Ki Yoon, Stanley Bak, Sibin Mohan and Rakesh Bobba published in RTAS 2015: 271-282.
  3. Integrating security constraints into fixed priority real-time schedulers by Sibin Mohan, Man-Ki YoonRodolfo PellizzoniRakesh B. Bobba published in Real-Time Systems52(5): 644-674 (2016).


Other Links
<< Home