Security-aware scheduling of embedded control tasks
In this work, we focus on securing cyber-physical systems (CPS) in the presence of network-based attacks, such as Man-in-the-Middle (MitM) attacks, where a stealthy attacker is able to compromise communication between system sensors and controllers. Standard methods for this type of attacks rely on the use of cryptographic mechanisms, such as Message Authentication Codes (MACs) to ensure data integrity. However, this approach incurs significant computation overhead, limiting its use in resource constrained systems. Consequently, we consider the problem of scheduling multiple control tasks on a shared processor while providing a suitable level of security guarantees. Specifically, by security guarantees we refer to control performance, i.e., Quality-of-Control (QoC), in the presence of attacks. We start by mapping requirements for QoC under attack into constraints for security-aware control tasks that, besides standard control operations, intermittently perform data authentication. This allows for the analysis of the impact that security-related computation overhead has on both schedulability of control tasks and QoC. Building on this analysis, we introduce a mixed-integer linear programming-based technique to obtain a schedulable task set with predefined QoC requirements. Also, to facilitate optimal resource allocation, we provide a method to analyze interplay between available computational resources and the overall QoC under attack, and show how to obtain a schedulable task set that maximizes the overall QoC guarantees. Finally, we prove usability of our approach on a case study with multiple automotive control components.
Duke Scholars
Published In
DOI
EISSN
ISSN
Publication Date
Volume
Issue
Related Subject Headings
- Computer Hardware & Architecture
- 4606 Distributed computing and systems software
- 4006 Communications engineering
- 1006 Computer Hardware
- 0805 Distributed Computing
- 0803 Computer Software
Citation
Published In
DOI
EISSN
ISSN
Publication Date
Volume
Issue
Related Subject Headings
- Computer Hardware & Architecture
- 4606 Distributed computing and systems software
- 4006 Communications engineering
- 1006 Computer Hardware
- 0805 Distributed Computing
- 0803 Computer Software