
Secure Real Time Embedded Systems

Secure Real Time Embedded Systems. Sherif Khattab and Daniel Mossé, University of Pittsburgh Computer Science Department. Embedded Systems. Before: isolated, closed systems. Later: connected thru dedicated phone lines. Now, web connected; control can be done remotely.


Presentation Transcript


  1. Secure Real Time Embedded Systems
     Sherif Khattab and Daniel Mossé
     University of Pittsburgh Computer Science Department

  2. Embedded Systems
     • Before: isolated, closed systems
     • Later: connected thru dedicated phone lines
     • Now, web connected; control can be done remotely
     • Convenience costs LOTS of remote security issues
     • Safety and security are big issues, since these systems (now on the web) control actual industrial plants and other devices
     • Attacker’s goal: compromise data and deadlines
     • Defender’s goal: satisfy deadlines, despite overhead

  3. POTS? Voice over IP?
     • Assume VoIP is widespread (Skype anyone?)
     • Assume compromised nodes can attack POTS
     • Use VoIP to attack dialup control systems
     • Distributed Denial of Service: lots of compromised VoIP clients attack the control system to a slow or fast death…

  4. Denial of Service
     • DoS attacks cause system overload, overloads cause timing failures (missed deadlines, control period)
     • System needs to react when it cannot
     • Suggested approach: reserve security bandwidth? RTSs are a perfect candidate
     • Every new component creates a new vulnerability
     • Make detection a real-time task (temporally secure) characteristics? temporally vulnerable?
     • Mitigating DoS attacks in RTSs or EmSys
     • Mixture of static and dynamic analysis?
     • Relation with imprecise, reward-based, version-based, elastic, …, computing?
     • Power grids, sensor networks, industrial control systems…

  5. Requirements
     • Need another property, namely security level
     • Do we need YARTM? (yet another RT task model?)
     • Include a measure of robustness and power/energy
     • Complete model includes attackers’ capabilities and constraints (battery, CPU, etc), attack model (correlated attacks, spoofing attacks, etc)
     • However, security is in the eye of the system integrator
     • Need to provide tradeoffs
     • Specification is needed
     • Need to remember that data exists forever

  6. Questions
     • Define the difference between security and fault tolerance? Similar in RTSs? In EmSys?
     • Find tradeoff of crypto/security deadline misses
     • Need efficient intrusion detection mechanisms
     • What is special (besides funding) in secure embedded systems?? Similar, but for small devs
     • Cannot afford the power for public key crypto
     • Need adaptive security; does it compromise security?
     • Relatively light attacks may be crippling
     • What detection mechanisms can we use that satisfy all restrictions of embedded systems?
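Slide 4's suggestion to reserve security bandwidth and run detection as a real-time task, and slide 6's question about the tradeoff between security work and deadline misses, can be made concrete with response-time analysis. The following is an added example, not part of the presentation: it assumes fixed-priority preemptive scheduling with rate-monotonic priorities and deadlines equal to periods, and the task set `CTRL` and all function names are constructed for illustration.

```c
#include <stdio.h>

/* Periodic task: worst-case execution time C, period T (deadline = T), in ms. */
typedef struct { long C, T; } task_t;

/* Constructed sample control tasks, sorted by period (rate-monotonic order). */
static const task_t CTRL[] = { {1, 5}, {2, 10}, {5, 20} };

/* Worst-case response time of tasks[i] under fixed-priority preemptive
   scheduling; tasks[0..i-1] have higher priority. Returns -1 on a miss. */
long response_time(const task_t *tasks, int i) {
    long r = tasks[i].C, prev = 0;
    while (r != prev) {
        prev = r;
        r = tasks[i].C;
        for (int j = 0; j < i; j++)   /* interference: ceil(prev/T_j) * C_j */
            r += ((prev + tasks[j].T - 1) / tasks[j].T) * tasks[j].C;
        if (r > tasks[i].T) return -1;
    }
    return r;
}

/* Largest per-period budget for a detection task of period sec_T that keeps
   every task (detection included) within its deadline; 0 if none fits. */
long max_security_budget(const task_t *ctrl, int n, long sec_T) {
    task_t set[16];
    long best = 0;
    if (n > 15) return 0;
    for (long c = 1; c <= sec_T; c++) {
        int k = 0, placed = 0, ok = 1;
        for (int i = 0; i < n; i++) {   /* insert detection task by period */
            if (!placed && sec_T < ctrl[i].T) { set[k++] = (task_t){c, sec_T}; placed = 1; }
            set[k++] = ctrl[i];
        }
        if (!placed) set[k++] = (task_t){c, sec_T};
        for (int i = 0; i < k && ok; i++) ok = response_time(set, i) >= 0;
        if (!ok) break;   /* a larger budget only adds interference */
        best = c;
    }
    return best;
}

int main(void) {
    printf("lowest-priority control task alone: R = %ld ms\n", response_time(CTRL, 2));
    printf("max detection budget, period 10 ms: %ld ms\n", max_security_budget(CTRL, 3, 10));
    printf("max detection budget, period 20 ms: %ld ms\n", max_security_budget(CTRL, 3, 20));
    return 0;
}
```

For this task set, a detection task that runs every 10 ms preempts the slowest control task and can be given less time than one that runs every 20 ms at the lowest priority, which is the latency-versus-budget tradeoff an integrator has to specify.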
