DeepAI AI Chat
Log In Sign Up

ScheduLeak: A Novel Scheduler Side-Channel Attack Against Real-Time Autonomous Control Systems

by   Chien-Ying Chen, et al.
University of Waterloo
Oregon State University

Real-time autonomous control systems are often the core of safety critical systems such as automotive systems, avionic systems, power plants and industrial control systems among others. While safety has traditionally been a focus in the design of these systems, security has often been an afterthought. In this paper we present a novel side-channel in real-time schedulers and algorithms that exploit it. In particular, we show that the scheduler side-channel can be used to obtain critical timing information that can aid other attacks. A complete implementation on both a simulator and real operating systems (i.e., Real-Time Linux as well as FreeRTOS) is also presented to show the effectiveness of the algorithms. We use two attack scenarios on real hardware platforms to show the value of the extracted side-channel information (i.e., aid attacks to reduce overheads and increase attack precision). The results indicate that our methods have a high success rate in reconstructing timing information and help advanced attacks in accomplishing their goals better.


page 1

page 2

page 3

page 4


A Reconnaissance Attack Mechanism for Fixed-Priority Real-Time Systems

In real-time embedded systems (RTS), failures due to security breaches c...

Concealing CAN Message Sequences to Prevent Schedule-based Bus-off Attacks

This work focuses on eliminating timing-side channels in real-time safet...

Analysis of Industrial Device Architectures for Real-Time Operations under Denial of Service Attacks

More and more industrial devices are connected to IP-based networks, as ...

A Case Study on Covert Channel Establishment via Software Caches in High-Assurance Computing Systems

Covert channels can be utilized to secretly deliver information from hig...

Safety vs. Security: Attacking Avionic Systems with Humans in the Loop

Many wireless communications systems found in aircraft lack standard sec...

Scanning the Cycle: Timing-based Authentication on PLCs

Programmable Logic Controllers (PLCs) are a core component of an Industr...

Towards a modeling and analysis environment for industrial IoT systems

The development of Industrial Internet of Things systems (IIoT) requires...