Period Adaptation for Continuous Security Monitoring in Multicore Real-Time Systems

Monowar Hasana, Sibin Mohanb, Rodolfo Pellizzonic and Rakesh B. Bobbad

amhasan11@illinois.edu
bsibin@illinois.edu
crodolfo.pellizzoni@uwaterloo.ca
drakesh.bobba@oregonstate.edu

ABSTRACT

We propose HYDRA-C, a design-time evaluation framework for integrating monitoring mechanisms in multicore real-time systems (RTS). Our goal is to ensure that security (or other monitoring) mechanisms execute in a “continuous” manner – i.e., as often as possible, across cores. This is to ensure that any such mechanisms run with few interruptions, if any. HYDRA-C is intended to allow designers of RTS to integrate monitoring mechanisms without perturbing existing timing properties or execution orders. We demonstrate the framework using a proof-of-concept implementation with intrusion detection mechanisms as security tasks. We develop and use both, (a) a custom intrusion detection system (IDS) as well as (b) Tripwire – an open source data integrity checking tool. We compare the performance of HYDRA-C with a state-of-the-art multicore RT security integration approach and find that our method does not impact the schedulability and, on average, can detect intrusions 19.05% faster without impacting the performance of RT tasks.



Full Text (PDF)