Embedded computing systems are becoming increasingly relevant in the Internet of Things (IoT) and edge computing domains, where they are often employed as the control entity of a cyber-physical system. When operating in such interconnected domains, a software system is susceptible to cyber-attacks from external agents, which can compromise the correct behavior of the system. In addition, the software executing in these systems is typically characterized by stringent timing constraints, which must be satisfied during system execution. Enabling software protections to enhance the security level of the embedded software comes at the cost of increasing the computation times of the tasks, introducing the risk of deadline misses that could also jeopardize the system behavior. This paper presents a methodology to optimize the security level of real-time software while preserving system-wide schedulability by leveraging timing analysis. The proposed approach is based on a mixed-integer linear programming (MILP) formulation that maximizes the security level of the tasks and integrates a response-time analysis technique to assess the schedulability of the system whenever additional protections are activated to shield the software against cyber-attacks targeting specific classes of vulnerabilities. An experimental evaluation is presented to assess the performance of the proposed approach on a representative set of tasks included in standard benchmarking suites for embedded software.
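The trade-off the abstract describes can be sketched in a few lines. This is an added example, not the paper's formulation or code: it swaps the MILP for an exhaustive search and assumes fixed-priority preemptive scheduling with deadlines equal to periods, which the abstract does not specify. The task set, the per-option execution times and the security scores are all constructed for illustration.

```python
from itertools import product
from math import ceil

# Constructed task set (not from the paper), highest priority first.
# Each task has a period (assumed equal to its deadline) and a list of
# (wcet, security_score) options: option 0 is the unprotected build,
# later options enable more protections and cost more execution time.
TASKS = [
    {"period": 10, "options": [(2, 0), (3, 1), (4, 2)]},
    {"period": 20, "options": [(4, 0), (6, 1), (8, 2)]},
    {"period": 50, "options": [(10, 0), (14, 1), (20, 2)]},
]

def response_time(i, wcets, periods):
    """Classic fixed-point iteration R = C_i + sum_{j<i} ceil(R/T_j) * C_j.

    Returns the worst-case response time of task i, or None on a deadline miss.
    """
    r = wcets[i]
    while True:
        nxt = wcets[i] + sum(ceil(r / periods[j]) * wcets[j] for j in range(i))
        if nxt > periods[i]:
            return None
        if nxt == r:
            return r
        r = nxt

def schedulable(wcets, periods):
    """True if every task meets its deadline under the chosen WCETs."""
    return all(response_time(i, wcets, periods) is not None
               for i in range(len(wcets)))

def best_configuration(tasks):
    """Exhaustive stand-in for the MILP: the highest total security score
    whose inflated WCETs still pass response-time analysis.
    Returns (score, option index per task) or None if nothing is schedulable."""
    periods = [t["period"] for t in tasks]
    best = None
    for choice in product(*(range(len(t["options"])) for t in tasks)):
        wcets = [t["options"][k][0] for t, k in zip(tasks, choice)]
        score = sum(t["options"][k][1] for t, k in zip(tasks, choice))
        if schedulable(wcets, periods) and (best is None or score > best[0]):
            best = (score, choice)
    return best
```

On this constructed set, enabling every protection overloads the processor, so the search settles on a partial assignment that keeps the lowest-priority task within its deadline.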