Minimizing Side-Channel Attack Vulnerability via Schedule Randomization
(2018)Department of Automatic Control
- Abstract
- Predictable and repeatable execution is the key to ensuring functional correctness for real-time systems. Scheduling algorithms are designed to generate schedules that repeat after a certain amount of time has passed. However, this repeatability is also a vulnerability when side-channel attacks are considered.
Side-channel attacks are attacks based on information gained from the implementation of a system, rather than on weaknesses in the algorithm. Side-channel attacks have exploited the predictability of real-time systems to
disrupt their correct behavior. Schedule Randomization has been proposed as a way to mitigate this problem. Online, the scheduler selects a schedule among a set of available ones, trying to achieve an execution... (More) - Predictable and repeatable execution is the key to ensuring functional correctness for real-time systems. Scheduling algorithms are designed to generate schedules that repeat after a certain amount of time has passed. However, this repeatability is also a vulnerability when side-channel attacks are considered.
Side-channel attacks are attacks based on information gained from the implementation of a system, rather than on weaknesses in the algorithm. Side-channel attacks have exploited the predictability of real-time systems to
disrupt their correct behavior. Schedule Randomization has been proposed as a way to mitigate this problem. Online, the scheduler selects a schedule among a set of available ones, trying to achieve an execution trace that is as different as possible from previous ones, therefore minimizing the amount of information that the attacker can gather.
This thesis investigates fundamental limitations of schedule randomization for a generic taskset. We then propose an algorithm to construct a set of schedules that achieves a differentation level as high as possible, using the fewest number of schedules, for tasksets with implicit deadlines. The approach is validated with synthetically generated tasksets and the taskset of an industrial case study, showing promising results. (Less)
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/8955595
- author
- Vreman, Nils
- supervisor
- organization
- year
- 2018
- type
- H3 - Professional qualifications (4 Years - )
- subject
- report number
- TFRT-6059
- ISSN
- 0280-5316
- language
- English
- id
- 8955595
- date added to LUP
- 2018-08-13 12:39:45
- date last changed
- 2018-08-13 12:39:45
@misc{8955595,
abstract = {{Predictable and repeatable execution is the key to ensuring functional correctness for real-time systems. Scheduling algorithms are designed to generate schedules that repeat after a certain amount of time has passed. However, this repeatability is also a vulnerability when side-channel attacks are considered.
Side-channel attacks are attacks based on information gained from the implementation of a system, rather than on weaknesses in the algorithm. Side-channel attacks have exploited the predictability of real-time systems to
disrupt their correct behavior. Schedule Randomization has been proposed as a way to mitigate this problem. Online, the scheduler selects a schedule among a set of available ones, trying to achieve an execution trace that is as different as possible from previous ones, therefore minimizing the amount of information that the attacker can gather.
This thesis investigates fundamental limitations of schedule randomization for a generic taskset. We then propose an algorithm to construct a set of schedules that achieves a differentation level as high as possible, using the fewest number of schedules, for tasksets with implicit deadlines. The approach is validated with synthetically generated tasksets and the taskset of an industrial case study, showing promising results.}},
author = {{Vreman, Nils}},
issn = {{0280-5316}},
language = {{eng}},
note = {{Student Paper}},
title = {{Minimizing Side-Channel Attack Vulnerability via Schedule Randomization}},
year = {{2018}},
}