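% DSN 2022 paper on covert timing channels between real-time partitions.
% Per the abstract: hidden information flow is possible even when temporal
% isolation among time partitions is strictly enforced; the proposed mitigation
% randomizes time-partition schedules online while preserving schedulability.
%
% Record notes (this looks like an auto-exported record; the citation key is
% kept unchanged so existing \cite commands still resolve):
%  - "note" holds only the short event and copyright data, because standard
%    styles print the note field in the reference list.
%  - The long text the export labelled "Funding Information" (it actually begins
%    with the paper's conclusion, followed by the acknowledgments and grant
%    numbers) is kept verbatim in "annote", which standard styles do not print.
%  - "series" repeated the proceedings title already given in "booktitle" and is
%    omitted so the title is not printed twice.
@inproceedings{01c8a33e6b754e9797dd3810da9c365a,
  author    = {Yoon, {Man Ki} and Kim, {Jung Eun} and Bradford, Richard and Shao, Zhong},
  title     = {{TimeDice}: Schedulability-Preserving Priority Inversion for Mitigating Covert Timing Channels Between Real-time Partitions},
  booktitle = {Proceedings - 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2022},
  pages     = {453--465},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  year      = {2022},
  doi       = {10.1109/DSN53405.2022.00052},
  language  = {English (US)},
  keywords  = {covert channel, real-time systems, timing channel},
  abstract  = {Timing predictability is a precondition for successful communication over a covert timing channel. Real-time systems are particularly vulnerable to timing channels because real-time applications can easily have temporal locality due to limited uncertainty in schedules. In this paper, we show that real-time applications can create hidden information flow even when the temporal isolation among the time partitions is strictly enforced. We then introduce an online algorithm that randomizes time-partition schedules to reduce the temporal locality, while guaranteeing the schedulability of, and thus the temporal isolation among, time partitions. We also present an analysis of the cost of the randomization on the responsiveness of real-time tasks. From an implementation on a Linux-based real-time operating system, we validate the analysis and evaluate the scheduling overhead as well as the impact on an experimental real-time system.},
  note      = {52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2022; Conference date: 27-06-2022 Through 30-06-2022. Publisher Copyright: {\textcopyright} 2022 IEEE.},
  annote    = {Funding Information: VII. CONCLUSION In this paper, we have demonstrated techniques that exploit a priority-based time-partitioning to create a covert timing channel between real-time partitions. As a solution, we have presented TIMEDICE, an online algorithm that reduces observable determinism in partition schedules by randomly allowing priority inversions while guaranteeing CPU budgets allocated to partitions. We have shown that TIMEDICE significantly raises the bar against the timing-based algorithmic covert channel and that it is more effective when the system is configured in a favorable way to an adversary. TIMEDICE will allow modern real-time systems to employ advanced functionalities enabled by a rich software ecosystem by increasing the level of security in the integration of real-time applications. ACKNOWLEDGMENTS The authors would like to thank the anonymous reviewers and the shepherd, Le Guan, for their valuable comments and suggestions. This work is supported in part by NSF grants 1945541 and 2019285, the Defense Advanced Research Projects Agency (DARPA) and Naval Information Warfare Center Pacific (NIWC Pacific) under Contract No. N66001-21-C-4018. Any opinions, findings, and conclusions or recommendations expressed here are those of the authors and do not necessarily reflect the views of their employers or sponsors.},
}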