Timing Covert Channel Analysis of the VxWorks MILS Embedded Hypervisor under the Common Criteria Security Certification

04/28/2021
by   Domenico Cotroneo, et al.
0

Virtualization technology is nowadays adopted in security-critical embedded systems to achieve higher performance and more design flexibility. However, it also comes with new security threats, where attackers leverage timing covert channels to exfiltrate sensitive information from a partition using a trojan. This paper presents a novel approach for the experimental assessment of timing covert channels in embedded hypervisors, with a case study on security assessment of a commercial hypervisor product (Wind River VxWorks MILS), in cooperation with a licensed laboratory for the Common Criteria security certification. Our experimental analysis shows that it is indeed possible to establish a timing covert channel, and that the approach is useful for system designers for assessing that their configuration is robust against this kind of information leakage.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 7

04/27/2015

Deterministically Deterring Timing Attacks in Deterland

The massive parallelism and resource sharing embodying today's cloud bus...
02/25/2020

PASCAL: Timing SCA Resistant Design and Verification Flow

A large number of crypto accelerators are being deployed with the widesp...
04/05/2018

Timing Channel in IaaS: How to Identify and Investigate

Recently, the IaaS (Infrastructure as a Service) Cloud (e.g., Amazon EC2...
01/24/2019

Can We Prove Time Protection?

Timing channels are a significant and growing security threat in compute...
03/27/2010

Determinating Timing Channels in Compute Clouds

Timing side-channels represent an insidious security challenge for cloud...
06/26/2019

Security Rating Metrics for Distributed Wireless Systems

The paper examines quantitative assessment of wireless distribution syst...
08/21/2015

A Case Study on Covert Channel Establishment via Software Caches in High-Assurance Computing Systems

Covert channels can be utilized to secretly deliver information from hig...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.