Tesi etd-12302022-231904
Link copiato negli appunti
Tipo di tesi
Dottorato
Autore
FARA, PIETRO
URN
etd-12302022-231904
Titolo
Improving safety and security on real-time safety-critical systems
Settore scientifico disciplinare
ING-INF/05
Corso di studi
Istituto di Tecnologie della Comunicazione, dell'Informazione e della Percezione - PHD IN EMERGING DIGITAL TECHNOLOGIES
Commissione
Presidente Prof. CUCINOTTA, TOMMASO
Membro Prof.ssa PALUMBO, FRANCESCA
Membro Prof. CRESPO, Alfons
Relatore Prof. BUTTAZZO, GIORGIO CARLO
Membro Prof.ssa PALUMBO, FRANCESCA
Membro Prof. CRESPO, Alfons
Relatore Prof. BUTTAZZO, GIORGIO CARLO
Parole chiave
- real-time
- real-time systems
- safety-critical
- safety
- security
- voting
- response-time analysis
Data inizio appello
03/07/2023;
Disponibilità
completa
Riassunto analitico
In the last decade, the interest in improving safety and security in railway, avionic, aerospace, and automotive fields has increased. Systems designed for such areas are also called safety-critical systems, in which a failure or malfunction can lead to serious risks to human life or severe damage to equipment/property. The main objectives of this work are to improve safety through new methodologies on redundant architectures, improve security using control-flow integrity mechanisms that may indirectly improve safety, and propose a brand new method to exploit real-time features to the programmers in order to make their work easier and less error-prone.
When systems have some redundant computational parts, a voting strategy must be applied in order to check if the whole system is working properly. A new scheduling approach for voting routines inspired by the Logical Execution Time (LET) paradigm under 2-out-of-2 redundancy architecture was proposed. Instead of doing the voting part as soon as a task is ready to vote data, the voting phase is delayed at the end of the tasks’ periods and delegated to dedicated tasks. A response-time analysis for real-time tasks and scheduling voting-related activities have been made. Furthermore, an analysis of queuing effects and worst-case transmission delays introduced during inter-replica
communications have been proposed.
In terms of security, a control-flow integrity methodology called PAC-PL, inspired by the Pointer Authentication Code (PAC) designed by ARM, was proposed. The PAC technology is used to sign and authenticate pointers with a secret key in order to mitigate attacks that may corrupt their content. This technology may also be used to authenticate the return address of a function and improve control-flow integrity. In this work, platforms that don’t implement such security feature but provide programmable logic (also known as FPGA) can improve cyber-security through implementing PAC-PL. In addition, a secure key-management methodology leveraging the virtualization layer is proposed.
On the userspace side, a novel real-time POSIX-compliant framework called Real-Time Framework (ReTiF) was designed and developed. The main goal of ReTiF is to provide an API to programmers to improve the usability of existing real-time capabilities exposed by POSIX-compliant operating systems. In particular, the API lets the programmer declare temporal characteristics of real-time tasks (such as period, deadline, computation time, and priority) in a simplified way. The framework then is in charge of choosing the best scheduling policy to satisfy these requirements.
When systems have some redundant computational parts, a voting strategy must be applied in order to check if the whole system is working properly. A new scheduling approach for voting routines inspired by the Logical Execution Time (LET) paradigm under 2-out-of-2 redundancy architecture was proposed. Instead of doing the voting part as soon as a task is ready to vote data, the voting phase is delayed at the end of the tasks’ periods and delegated to dedicated tasks. A response-time analysis for real-time tasks and scheduling voting-related activities have been made. Furthermore, an analysis of queuing effects and worst-case transmission delays introduced during inter-replica
communications have been proposed.
In terms of security, a control-flow integrity methodology called PAC-PL, inspired by the Pointer Authentication Code (PAC) designed by ARM, was proposed. The PAC technology is used to sign and authenticate pointers with a secret key in order to mitigate attacks that may corrupt their content. This technology may also be used to authenticate the return address of a function and improve control-flow integrity. In this work, platforms that don’t implement such security feature but provide programmable logic (also known as FPGA) can improve cyber-security through implementing PAC-PL. In addition, a secure key-management methodology leveraging the virtualization layer is proposed.
On the userspace side, a novel real-time POSIX-compliant framework called Real-Time Framework (ReTiF) was designed and developed. The main goal of ReTiF is to provide an API to programmers to improve the usability of existing real-time capabilities exposed by POSIX-compliant operating systems. In particular, the API lets the programmer declare temporal characteristics of real-time tasks (such as period, deadline, computation time, and priority) in a simplified way. The framework then is in charge of choosing the best scheduling policy to satisfy these requirements.
File
Nome file | Dimensione |
---|---|
PhD_Thes...iewed.pdf | 3.52 Mb |
Contatta l'autore |