Avoiding timing channels in fixed-priority schedulers

Völp, Marcus; Hamann, C.; Härtig, Hermann

doi:10.1145/1368310.1368320

Cited by 27 publications

(32 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…φ i takes as a parameter the schedule up to time t − 1 to produce the prospective action of τ i for time t. S in turn takes this result to produce the schedule for time t and so on. Figure 1 illustrates this interlaced evaluation for a secure fixed-priority scheduler taken from [13].…”

Section: The Type Of the Characteristic Functionmentioning

confidence: 99%

“…Global resource accesses cannot influence the local execution on a processor. However, a blockingaware schedulability analysis must consider the times when a non-interference secure scheduler prohibits local tasks from running while a higher prioritized task awaits the completion of a remote resource request [13]. MPCP, in contrast to the generalized multiprocessor priority ceiling protocol, executes only the newly spawned jobs on the synchronization processor.…”

Section: Multiprocessor Priority Ceiling Protocol (Mpcp)mentioning

confidence: 99%

“…Of course there are several covert channels due to the variability in execution due to the scheduler (see e.g., Foss et al [12] and Völp et al [13]). In this work we shall ignore these channels in the sense that we prove a conditional statement: if the underlying scheduler is non-interference secure, then downward donation preserves this property and downwarddonating protocols prevent the exploitation of shared resource timing channels.…”

Section: Introductionmentioning

confidence: 99%

“…We discard non-predictable protocols from our analysis as they are not suited for realtime systems. Non-preemptive protocols, such as the flexible multiprocessor locking protocol (FMLP) [16], require other mechanisms to prevent leakage due to non-preemptive execution [13]. As usual, we assume all resource accesses are coordinated by a single instance of the locking protocol.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

On confidentiality-preserving real-time locking protocols

Völp

Engel

Hamann

et al. 2013

2013 IEEE 19th Real-Time and Embedded Technology and Applications Symposium (RTAS)

View full text Add to dashboard Cite

Coordinating access to shared resources is a challenging task, in particular if real-time and security aspects have to be integrated into the same system. However, rather than exacerbating the problem, we found that considering real-time guarantees actually simplifies the security problem of preventing information leakage over shared-resource covert channels. We introduce a transformation for standard real-time resource locking protocols and show that protocols transformed in this way preserve the confidentiality guarantees of the schedulers on which they are based. Through this transformation, we were able to prove that four out of the seven investigated protocols are information-flow secure.

show abstract

Section: The Type Of the Characteristic Functionmentioning

confidence: 99%

Section: Multiprocessor Priority Ceiling Protocol (Mpcp)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

On confidentiality-preserving real-time locking protocols

Völp

Engel

Hamann

et al. 2013

2013 IEEE 19th Real-Time and Embedded Technology and Applications Symposium (RTAS)

View full text Add to dashboard Cite

show abstract

“…So Hu et al [17] adds noise to timing sources and event delivery to reduces the bandwidth of covert timing channels. Marcus Völp et al [18] proposed a practically feasible modification to fixed-priority schedulers allows to avoid timing channels despite threads having access to precise clocks.…”

Section: Related Workmentioning

confidence: 99%

A Covert Timing Channel via Algorithmic Complexity Attacks: Design and Analysis

Sun

Cheng

Zhang

2011

2011 IEEE International Conference on Communications (ICC)

View full text Add to dashboard Cite

A covert channel is a communication channel that bypasses the access controls of the system, and it is a threat to the system's security. In this paper, we propose a new covert timing channel which exploits the algorithmic complexity vulnerabilities in the name lookup algorithm of the kernel. This covert channel has a high capacity and it is practically exploitable. In our experiments, the data rate reaches 2256 bps under a very low error rate. This data rate is high enough for practical use. So our covert channel is dangerous. To our knowledge, no previous works propose this covert channel nor implement it.We describe our design and implementation of the covert channel on a SELinux system, discuss the subtle issues that arose in the design, present performance data of the covert channel and analyse its capacity.

show abstract

Covert Timing Channel Design for Uniprocessor Real-Time Systems

Kwak

Lee

2019

Parallel and Distributed Computing, Applications and Technologies

View full text Add to dashboard Cite

Avoiding timing channels in fixed-priority schedulers

Cited by 27 publications

References 25 publications

On confidentiality-preserving real-time locking protocols

On confidentiality-preserving real-time locking protocols

A Covert Timing Channel via Algorithmic Complexity Attacks: Design and Analysis

Covert Timing Channel Design for Uniprocessor Real-Time Systems

Contact Info

Product

Resources

About