Files
Download Full Text (451 KB)
Description
Real Time Operating Systems (RTOS) are increasing present throughout the industrial, business, defense, and healthcare spaces. These lightweight and efficient operating systems are designed to run on embedded, resource constrained devices, often within cyber-physical systems (CFS). A defining characteristic of RTOSs is that they are deterministic. Tasks are scheduled to run on fixed timelines within guaranteed execution windows. To accomplish tasks on time, real time software must conform to worst case execution times (WCETs) as design parameters. WCET is the maximum time a particular task can take to complete. Exceeding the WCET could cause system failure and lead to damage, injury or even death. Thus, if the system exceeds its WCET estimate it could be assumed anomalous activity is occurring in the software. Unfortunately, many of the systems using RTOSs are extremely resource constrained because they have limited power, computing capacity, and memory. All these factors make security controls difficult since conventional security mechanisms put a burden on already strained resources.
This research aims to determine the viability of using out-of-system timing cues to detect timing anomalies in cyber-physical systems, which could indicate some form of attack. This approach would use physical manifestations of the beginning and end of execution of code regions and compare observed execution time to the expected WCET to detect timing anomalies. We will use existing processes to determine the WCET of the selected measurement regions and develop a prototype system to compare the actual execution time bounded by GPIO activity with the calculated WCET of the measurement regions. We will test the system by injecting additional code into the measurement regions to determine if the dynamically calculated WCET are exceeded.
Publication Date
3-2025
Department
Information Systems & Technology
City
Mobile
Disciplines
Cybersecurity | Databases and Information Systems | Information Security | OS and Networks | Other Computer Sciences
Recommended Citation
Holifield, Jeff K., "Out-of-band Anomaly Detection for Real Time Operating Systems" (2025). Shelby Hall Graduate Research Forum Posters. 2.
https://jagworks.southalabama.edu/southalabama-shgrf-posters/2
Included in
Cybersecurity Commons, Databases and Information Systems Commons, Information Security Commons, OS and Networks Commons, Other Computer Sciences Commons
