Secure Real Time Embedded Systems
Sherif Khattab and Daniel Mossé
University of Pittsburgh Computer Science Department
Embedded Systems
• Before: isolated, closed systems
• Later: connected thru dedicated phone lines
• Now, web connected; control can be done remotely
• Convenience costs LOTS of remote security issues
• Safety and security are big issues, since these systems (now on the web) control actual industrial plants and other devices
• Attacker’s goal: compromise data and deadlines
• Defender’s goal: satisfy deadlines, despite overhead
POTS? Voice over IP?
• Assume VoIP is widespread (Skype, anyone?)
• Assume compromised nodes can attack POTS
• Use VoIP to attack dialup control systems
• Distributed Denial of Service: lots of compromised VoIP clients attack the control system, to a slow or fast death…
Denial of Service
• DoS attacks cause system overload, overloads cause timing failures (missed deadlines, control period)
• System needs to react when it cannot
• Suggested approach: reserve security bandwidth? RTSs are a perfect candidate
• Every new component creates a new vulnerability
• Make detection a real-time task (temporally secure) characteristics? temporally vulnerable?
• Mitigating DoS attacks in RTSs or EmSys
• Mixture of static and dynamic analysis?
• Relation with imprecise, reward-based, version-based, elastic, …, computing?
• Power grids, sensor networks, industrial control systems…
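One way to quantify "reserve security bandwidth" and "make detection a real-time task", as an added example that is not from the slides: standard fixed-priority response-time analysis, used to find the largest detection budget that still lets every control task meet its deadline. It assumes preemptive fixed-priority scheduling, deadlines equal to periods, and the detection task at the highest priority; the task set and all names are constructed for illustration.

```c
#include <stdio.h>
#define MAX_TASKS 16

/* Periodic task: worst-case execution time C, period T (deadline = T).
   Arrays are ordered by priority, index 0 = highest. */
typedef struct { long C, T; } task_t;

/* Worst-case response time of task i under fixed-priority preemptive
   scheduling, or -1 if it misses its deadline. */
long response_time(const task_t *ts, int i) {
    long r = ts[i].C, prev = 0;
    while (r != prev) {
        prev = r;
        r = ts[i].C;
        for (int j = 0; j < i; j++)   /* interference from higher priorities */
            r += ((prev + ts[j].T - 1) / ts[j].T) * ts[j].C;
        if (r > ts[i].T) return -1;
    }
    return r;
}

/* Build out[] = detection task (budget, Ts) at top priority + control tasks. */
int with_detector(const task_t *ctl, int n, long budget, long Ts, task_t *out) {
    if (n < 0 || n >= MAX_TASKS) return -1;
    out[0] = (task_t){ budget, Ts };
    for (int i = 0; i < n; i++) out[i + 1] = ctl[i];
    return n + 1;
}

/* Largest detection budget per period Ts that keeps every deadline; 0 if none. */
long max_security_budget(const task_t *ctl, int n, long Ts) {
    task_t ts[MAX_TASKS];
    long best = 0;
    for (long b = 1; b <= Ts; b++) {
        int m = with_detector(ctl, n, b, Ts, ts);
        if (m < 0) return 0;
        for (int i = 0; i < m; i++)
            if (response_time(ts, i) < 0) return best;  /* first miss: stop */
        best = b;
    }
    return best;
}

/* Constructed sample control tasks {C, T}; time units are arbitrary ticks. */
static const task_t CONTROL[] = { {1, 5}, {2, 10}, {3, 20} };

int main(void) {
    printf("max budget per 10 ticks: %ld\n", max_security_budget(CONTROL, 3, 10));
    return 0;
}
```

With the reserved budget in place, the lowest-priority control task's worst-case response time grows from 7 to 19 ticks against a 20-tick deadline, which is the overhead the defender has to absorb.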
Requirements
• Need another property, namely security level
• Do we need YARTM? (yet another RT task model?)
• Include a measure of robustness and power/energy
• Complete model includes attackers’ capabilities and constraints (battery, CPU, etc), attack model (correlated attacks, spoofing attacks, etc)
• However, security is in the eye of the system integrator
• Need to provide tradeoffs
• Specification is needed
• Need to remember that data exists forever
Questions
• Define the difference between security and fault tolerance? Similar in RTSs? In EmSys?
• Find tradeoff of crypto/security deadline misses
• Need efficient intrusion detection mechanisms
• What is special (besides funding) in secure embedded systems?? Similar, but for small devs
• Cannot afford the power for public key crypto
• Need adaptive security; does it compromise security?
• Relatively light attacks may be crippling
• What detection mechanisms can we use that satisfy all restrictions of embedded systems?