In the world of real-time systems (RTS), security has often been overlooked in the design process. However, with the emergence of the Internet of Things and Cyber-Physical Systems, RTS are now frequently used in interconnected applications where data is shared regularly.
Unfortunately, this increased connectivity has also led to a larger attack surface. As a result, it is crucial to redesign RTS to not only meet real-time requirements but also to be resilient to threats. To address this issue, we propose a new real-time security co-design task model, and an accompanying scheduling framework, where schedulability can be used to indicate whether both real-time and security requirements are met. Our algorithm is designed to be flexible, allowing different security mechanisms to be used along with real-time tasks. Specifically, we augment the frame-based task model by introducing an n-dimensional security matrix, which serves as a powerful tool to enable our approach. This matrix clearly indicates which defense mechanisms are available for each task in the system by storing the worst-case execution times of tasks. Then, we transform the problem of maximizing security, subject to schedulability, into a variant of the knapsack problem. To make this approach more practical, we implement a fully polynomial time approximation scheme (FPTAS) that reduces the time complexity of solving the knapsack problem from a pseudo-polynomial to a fully polynomial. We also experiment with a greedy-heuristic approach and compare the results of both algorithms. / Master of Science / Real-time systems are computer systems that need to respond to events in a timely manner.
In the past, these systems were designed without much consideration for security. However, with the increasing use of interconnected devices and systems, it has become important to make sure that real-time systems are secure and protected against malicious attacks. To address this issue, we propose a new approach for designing real-time systems that prioritizes security from the very beginning. Our approach allows for different security tasks to be executed depending on the system's needs, and we use a two-dimensional security matrix to help with this. We also introduce a way to solve the security problem that is faster and more efficient than previous methods. Our experimental results show that our new approach significantly reduces the time and effort required to solve the security problem while still producing good results.
Identifer | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/115098 |
Date | 18 May 2023 |
Creators | Kansal, Kriti |
Contributors | Electrical and Computer Engineering, Chantem, Thidapat, Wang, Yue J., Min, Chang Woo |
Publisher | Virginia Tech |
Source Sets | Virginia Tech Theses and Dissertation |
Language | English |
Detected Language | English |
Type | Thesis |
Format | ETD, application/pdf |
Rights | In Copyright, http://rightsstatements.org/vocab/InC/1.0/ |
Page generated in 0.0024 seconds