Contego: An adaptive framework for integrating security tasks in real-time systems

Monowar Hasan; Sibin Mohan; Rodolfo Pellizzoni; Rakesh B. Bobba

doi:10.4230/LIPIcs.ECRTS.2017.23

Contego: An adaptive framework for integrating security tasks in real-time systems

Monowar Hasan, Sibin Mohan, Rodolfo Pellizzoni, Rakesh B. Bobba

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Embedded real-time systems (RTS) are pervasive. Many modern RTS are exposed to unknown security flaws, and threats to RTS are growing in both number and sophistication. However, until recently, cyber-security considerations were an afterthought in the design of such systems. Any security mechanisms integrated into RTS must (a) co-exist with the real-time tasks in the system and (b) operate without impacting the timing and safety constraints of the control logic. We introduce Contego, an approach to integrating security tasks into RTS without affecting temporal requirements. Contego is specifically designed for legacy systems, viz., the real-time control systems in which major alterations of the system parameters for constituent tasks is not always feasible. Contego combines the concept of opportunistic execution with hierarchical scheduling to maintain compatibility with legacy systems while still providing flexibility by allowing security tasks to operate in different modes. We also define a metric to measure the effectiveness of such integration. We evaluate Contego using synthetic workloads as well as with an implementation on a realistic embedded platform (an open-source ARM CPU running real-time Linux).

Original language	English (US)
Title of host publication	29th Euromicro Conference on Real-Time Systems, ECRTS 2017
Editors	Marko Bertogna
Publisher	Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
Pages	231-2322
Number of pages	2092
ISBN (Electronic)	9783959770378
DOIs	https://doi.org/10.4230/LIPIcs.ECRTS.2017.23
State	Published - Jun 1 2017
Event	29th Euromicro Conference on Real-Time Systems, ECRTS 2017 - Dubrovnik, Croatia Duration: Jun 28 2017 → Jun 30 2017

Publication series

Name	Leibniz International Proceedings in Informatics, LIPIcs
Volume	76
ISSN (Print)	1868-8969

Other

Other	29th Euromicro Conference on Real-Time Systems, ECRTS 2017
Country/Territory	Croatia
City	Dubrovnik
Period	6/28/17 → 6/30/17

Keywords

Hierarchical scheduling
Real-time systems
Security

ASJC Scopus subject areas

Software

Online availability

10.4230/LIPIcs.ECRTS.2017.23

Library availability

Discover UIUC Full Text

Cite this

Hasan, M., Mohan, S., Pellizzoni, R., & Bobba, R. B. (2017). Contego: An adaptive framework for integrating security tasks in real-time systems. In M. Bertogna (Ed.), 29th Euromicro Conference on Real-Time Systems, ECRTS 2017 (pp. 231-2322). (Leibniz International Proceedings in Informatics, LIPIcs; Vol. 76). Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. https://doi.org/10.4230/LIPIcs.ECRTS.2017.23

Contego: An adaptive framework for integrating security tasks in real-time systems. / Hasan, Monowar; Mohan, Sibin; Pellizzoni, Rodolfo et al.
29th Euromicro Conference on Real-Time Systems, ECRTS 2017. ed. / Marko Bertogna. Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, 2017. p. 231-2322 (Leibniz International Proceedings in Informatics, LIPIcs; Vol. 76).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hasan, M, Mohan, S, Pellizzoni, R & Bobba, RB 2017, Contego: An adaptive framework for integrating security tasks in real-time systems. in M Bertogna (ed.), 29th Euromicro Conference on Real-Time Systems, ECRTS 2017. Leibniz International Proceedings in Informatics, LIPIcs, vol. 76, Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, pp. 231-2322, 29th Euromicro Conference on Real-Time Systems, ECRTS 2017, Dubrovnik, Croatia, 6/28/17. https://doi.org/10.4230/LIPIcs.ECRTS.2017.23

Hasan M, Mohan S, Pellizzoni R, Bobba RB. Contego: An adaptive framework for integrating security tasks in real-time systems. In Bertogna M, editor, 29th Euromicro Conference on Real-Time Systems, ECRTS 2017. Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. 2017. p. 231-2322. (Leibniz International Proceedings in Informatics, LIPIcs). doi: 10.4230/LIPIcs.ECRTS.2017.23

Hasan, Monowar ; Mohan, Sibin ; Pellizzoni, Rodolfo et al. / Contego : An adaptive framework for integrating security tasks in real-time systems. 29th Euromicro Conference on Real-Time Systems, ECRTS 2017. editor / Marko Bertogna. Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, 2017. pp. 231-2322 (Leibniz International Proceedings in Informatics, LIPIcs).

@inproceedings{3ef3bd5d66d348f9b6bf37a938058fd6,

title = "Contego: An adaptive framework for integrating security tasks in real-time systems",

abstract = "Embedded real-time systems (RTS) are pervasive. Many modern RTS are exposed to unknown security flaws, and threats to RTS are growing in both number and sophistication. However, until recently, cyber-security considerations were an afterthought in the design of such systems. Any security mechanisms integrated into RTS must (a) co-exist with the real-time tasks in the system and (b) operate without impacting the timing and safety constraints of the control logic. We introduce Contego, an approach to integrating security tasks into RTS without affecting temporal requirements. Contego is specifically designed for legacy systems, viz., the real-time control systems in which major alterations of the system parameters for constituent tasks is not always feasible. Contego combines the concept of opportunistic execution with hierarchical scheduling to maintain compatibility with legacy systems while still providing flexibility by allowing security tasks to operate in different modes. We also define a metric to measure the effectiveness of such integration. We evaluate Contego using synthetic workloads as well as with an implementation on a realistic embedded platform (an open-source ARM CPU running real-time Linux).",

keywords = "Hierarchical scheduling, Real-time systems, Security",

author = "Monowar Hasan and Sibin Mohan and Rodolfo Pellizzoni and Bobba, {Rakesh B.}",

note = "Publisher Copyright: {\textcopyright} Monowar Hasan, Sibin Mohan, Rodolfo Pellizzoni, and Rakesh B. Bobba; licensed under Creative Commons License CC-BY.; 29th Euromicro Conference on Real-Time Systems, ECRTS 2017 ; Conference date: 28-06-2017 Through 30-06-2017",

year = "2017",

month = jun,

day = "1",

doi = "10.4230/LIPIcs.ECRTS.2017.23",

language = "English (US)",

series = "Leibniz International Proceedings in Informatics, LIPIcs",

publisher = "Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing",

pages = "231--2322",

editor = "Marko Bertogna",

booktitle = "29th Euromicro Conference on Real-Time Systems, ECRTS 2017",

}

TY - GEN

T1 - Contego

T2 - 29th Euromicro Conference on Real-Time Systems, ECRTS 2017

AU - Hasan, Monowar

AU - Mohan, Sibin

AU - Pellizzoni, Rodolfo

AU - Bobba, Rakesh B.

N1 - Publisher Copyright: © Monowar Hasan, Sibin Mohan, Rodolfo Pellizzoni, and Rakesh B. Bobba; licensed under Creative Commons License CC-BY.

PY - 2017/6/1

Y1 - 2017/6/1

N2 - Embedded real-time systems (RTS) are pervasive. Many modern RTS are exposed to unknown security flaws, and threats to RTS are growing in both number and sophistication. However, until recently, cyber-security considerations were an afterthought in the design of such systems. Any security mechanisms integrated into RTS must (a) co-exist with the real-time tasks in the system and (b) operate without impacting the timing and safety constraints of the control logic. We introduce Contego, an approach to integrating security tasks into RTS without affecting temporal requirements. Contego is specifically designed for legacy systems, viz., the real-time control systems in which major alterations of the system parameters for constituent tasks is not always feasible. Contego combines the concept of opportunistic execution with hierarchical scheduling to maintain compatibility with legacy systems while still providing flexibility by allowing security tasks to operate in different modes. We also define a metric to measure the effectiveness of such integration. We evaluate Contego using synthetic workloads as well as with an implementation on a realistic embedded platform (an open-source ARM CPU running real-time Linux).

AB - Embedded real-time systems (RTS) are pervasive. Many modern RTS are exposed to unknown security flaws, and threats to RTS are growing in both number and sophistication. However, until recently, cyber-security considerations were an afterthought in the design of such systems. Any security mechanisms integrated into RTS must (a) co-exist with the real-time tasks in the system and (b) operate without impacting the timing and safety constraints of the control logic. We introduce Contego, an approach to integrating security tasks into RTS without affecting temporal requirements. Contego is specifically designed for legacy systems, viz., the real-time control systems in which major alterations of the system parameters for constituent tasks is not always feasible. Contego combines the concept of opportunistic execution with hierarchical scheduling to maintain compatibility with legacy systems while still providing flexibility by allowing security tasks to operate in different modes. We also define a metric to measure the effectiveness of such integration. We evaluate Contego using synthetic workloads as well as with an implementation on a realistic embedded platform (an open-source ARM CPU running real-time Linux).

KW - Hierarchical scheduling

KW - Real-time systems

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85037723369&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85037723369&partnerID=8YFLogxK

U2 - 10.4230/LIPIcs.ECRTS.2017.23

DO - 10.4230/LIPIcs.ECRTS.2017.23

M3 - Conference contribution

AN - SCOPUS:85037723369

T3 - Leibniz International Proceedings in Informatics, LIPIcs

SP - 231

EP - 2322

BT - 29th Euromicro Conference on Real-Time Systems, ECRTS 2017

A2 - Bertogna, Marko

PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing

Y2 - 28 June 2017 through 30 June 2017

ER -

Contego: An adaptive framework for integrating security tasks in real-time systems

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this