SchedGuard++: Protecting against Schedule Leaks Using Linux Containers on Multi-Core Processors

IF 2 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

ACM Transactions on Cyber-Physical Systems Pub Date : 2023-01-31 DOI:10.1145/3565974

Jiyang Chen, Tomasz Kloda, Rohan Tabish, Ayoosh Bansal, Chien-Ying Chen, Bo Liu, Sibin Mohan, Marco Caccamo, Lui Sha

{"title":"SchedGuard++: Protecting against Schedule Leaks Using Linux Containers on Multi-Core Processors","authors":"Jiyang Chen, Tomasz Kloda, Rohan Tabish, Ayoosh Bansal, Chien-Ying Chen, Bo Liu, Sibin Mohan, Marco Caccamo, Lui Sha","doi":"10.1145/3565974","DOIUrl":null,"url":null,"abstract":"Timing correctness is crucial in a multi-criticality real-time system, such as an autonomous driving system. It has been recently shown that these systems can be vulnerable to timing inference attacks, mainly due to their predictable behavioral patterns. Existing solutions like schedule randomization cannot protect against such attacks, often limited by the system’s real-time nature. This article presents “ SchedGuard++ ”: a temporal protection framework for Linux-based real-time systems that protects against posterior schedule-based attacks by preventing untrusted tasks from executing during specific time intervals. SchedGuard++ supports multi-core platforms and is implemented using Linux containers and a customized Linux kernel real-time scheduler. We provide schedulability analysis assuming the Logical Execution Time (LET) paradigm, which enforces I/O predictability. The proposed response time analysis takes into account the interference from trusted and untrusted tasks and the impact of the protection mechanism. We demonstrate the effectiveness of our system using a realistic radio-controlled rover platform. Not only is “ SchedGuard++ ” able to protect against the posterior schedule-based attacks, but it also ensures that the real-time tasks/containers meet their temporal requirements.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2023-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3565974","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 1

Abstract

Timing correctness is crucial in a multi-criticality real-time system, such as an autonomous driving system. It has been recently shown that these systems can be vulnerable to timing inference attacks, mainly due to their predictable behavioral patterns. Existing solutions like schedule randomization cannot protect against such attacks, often limited by the system’s real-time nature. This article presents “ SchedGuard++ ”: a temporal protection framework for Linux-based real-time systems that protects against posterior schedule-based attacks by preventing untrusted tasks from executing during specific time intervals. SchedGuard++ supports multi-core platforms and is implemented using Linux containers and a customized Linux kernel real-time scheduler. We provide schedulability analysis assuming the Logical Execution Time (LET) paradigm, which enforces I/O predictability. The proposed response time analysis takes into account the interference from trusted and untrusted tasks and the impact of the protection mechanism. We demonstrate the effectiveness of our system using a realistic radio-controlled rover platform. Not only is “ SchedGuard++ ” able to protect against the posterior schedule-based attacks, but it also ensures that the real-time tasks/containers meet their temporal requirements.

查看原文本刊更多论文

SchedGuard++:在多核处理器上使用Linux容器防止调度泄漏

在多临界实时系统(如自动驾驶系统)中，时间正确性至关重要。最近的研究表明，这些系统容易受到时间推理攻击，主要是由于它们的可预测行为模式。现有的解决方案，如调度随机化，往往受到系统实时性的限制，无法抵御这种攻击。本文介绍了“SchedGuard++”:一个用于基于linux的实时系统的临时保护框架，它通过防止在特定时间间隔内执行不受信任的任务来防止基于调度的后向攻击。SchedGuard++支持多核平台，并使用Linux容器和定制的Linux内核实时调度器实现。我们提供假设逻辑执行时间(LET)范式的可调度性分析，该范式强制I/O可预测性。提出的响应时间分析考虑了可信任务和不可信任务的干扰以及保护机制的影响。我们用一个真实的无线电控制漫游者平台证明了我们系统的有效性。“SchedGuard++”不仅能够防止后端基于调度的攻击，而且还能确保实时任务/容器满足它们的时间需求。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Transactions on Cyber-Physical Systems COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-

CiteScore

5.70

自引率

4.30%

发文量