Abstract
Security in CPS-based real-time embedded systems controlling the power grid has been an afterthought, but it is becoming a critical issue as CPS systems are networked and inter-dependent. This work presents a set of mechanisms for timebased intrusion detection, i.e., the execution of unauthorized instructions in realtime CPS environments. The novelty is the utilization of information obtained by static timing analysis for intrusion detection. Real-time CPS systems are unique in that timing bounds on code sections are readily available since they are required for schedulability analysis.We demonstrate how micro-timings can be exploited for multiple granularity levels of application code to track execution progress. Through bounds checking of these micro-timings, we develop techniques to detect intrusions (1) in a self-checking manner by the application and (2) through the operating system scheduler, which are novel contributions to the real-time/embedded systems domain to the best of our knowledge.
Original language | English |
---|---|
Pages (from-to) | 329-358 |
Number of pages | 30 |
Journal | Power Systems |
Volume | 79 |
DOIs | |
State | Published - 2015 |
Externally published | Yes |
Funding
This work was supported in part by NSF grants 1329780, 1239246, 0812121 and U.S. Army Research Office (ARO) grant W911NF-08-1-0105 managed by NCSU Secure Open Systems Initiative (SOSI). This is an extended version of a prior conference paper [50].
Funders | Funder number |
---|---|
Army Research Office | |
National Science Foundation | |
National Science Foundation | 1239246, 0812121, 1329780 |
Army Research Office | W911NF-08-1-0105 |
North Carolina State University |