GGrantIndex
← Search

ERI: ECCS: Concealing Side-Channels in Real-Time Schedulers

$200,000FY2022ENGNSF

Wichita State University, Wichita KS

Investigators

Abstract

Systems with real-time (i.e., stringent temporal and safety) requirements are often heavily engineered to be predictable for their correct operation. Such determinism allows attackers to launch side-channel attacks, infer sensitive information, or even destabilize the system by denying access to critical resources. Hence, this project explores systematic methods to close side-channels in current and future real-time systems. The development of analysis techniques and system-level frameworks proposed in this work will inherently make critical real-time systems of modern society (such as aircraft, automobiles, power grid, unmanned ground and aerial vehicles, satellites, manufacturing plants, industrial control systems, medical devices, and critical infrastructures, to name a few) more secure, and hence, safer. The outcomes of this work will bring researchers and system engineers one step closer to understanding how to integrate two seemingly diverse yet essential fields -- real-time systems and cyber-security -- while gaining a better understanding of both areas. This award supports the training of Ph.D. students, research exposure to undergraduates, and the integration of research findings into educational materials, and hence, enhances the knowledge of the next-generation technological workforce in cyber-physical systems and cyber-security sectors. Further, the project serves as a foundation for cyber-security education, training, and outreach programs for the K-12 students. This proposal investigates the problem of schedule-based side-channel information leakage in real-time systems and aims to mitigate such leakage by introducing the concept of "schedule randomization". The proposed research advances the design of secure real-time systems in three directions: (a) by devising novel analytical models and a new class of schedulers to obfuscate task execution orders, (b) constituting "metrics" to evaluate the system's security, and (c) integrating randomization techniques into existing real-time operating systems. The scheduler plugins and frameworks developed as a part of this project will be publicly available. The curriculum materials and pedagogical contents will also be made available to the educators. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →