A rigorous and efficient run-time security monitor for real-time critical embedded system applications

Muhammad Taimoor Khan, Dimitrios Serpanos, Howard Shrobe

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

9 Citations (Scopus)

Abstract

We introduce a run-time security monitor for embedded system applications that detects both known and unknown computational cyber-attacks. Our security monitor is rigorous (i.e. sound and complete), eliminating false alarms, as well as efficient, supporting real-time detection. In contrast, conventional run-time security monitors for application software either produce (high rates of) false alarms (e.g. intrusion detection systems) or limit application performance (e.g. run-time verification systems). Such monitors are typically non-adaptive against constantly changing attacks of variable extent. Our run-time monitor detects attacks by checking the consistency between the application run-time behavior and its specified (expected) behavior model. Our specification language is based on monadic second order logic and event calculus interpreted over algebraic data structures; the application implementation can be in any programming language. Based on our defined denotational semantics of the specification language, we prove that the security monitor is sound and complete, i.e. it produces an alarm iff it detects an inconsistency between the application execution and the specified behavior. Importantly, the monitor detects not only cyber-attacks but all behavioral deviations from specification, e.g. bugs, and so, is readily applicable to the security of legacy systems. Through an application of our prototype monitor to a PID controller for a feedwater tank, we demonstrate that rigorous run-time monitors employing verification techniques are effective, efficient and readily applicable to demanding real-time critical systems, without scalability limitations.

Original language: English
Title of host publication: 2016 IEEE 3rd World Forum on Internet of Things, WF-IoT 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 100-105
Number of pages: 6
ISBN (Electronic): 9781509041305
DOI: https://doi.org/10.1109/WF-IoT.2016.7845510
Publication status: Published - 6 Feb 2017
Event: 3rd IEEE World Forum on Internet of Things, WF-IoT 2016 - Reston, United States
Duration: 12 Dec 2016 to 14 Dec 2016

Other

Other: 3rd IEEE World Forum on Internet of Things, WF-IoT 2016
Country: United States
City: Reston
Period: 12/12/16 to 14/12/16

Fingerprint

Embedded systems
Specification languages
Acoustic waves
Legacy systems
Intrusion detection
Application programs
Computer programming languages
Data structures
Scalability
Semantics
Specifications
Controllers

ASJC Scopus subject areas

  • Computer Science Applications
  • Computer Networks and Communications
  • Hardware and Architecture

Cite this

Khan, M. T., Serpanos, D., & Shrobe, H. (2017). A rigorous and efficient run-time security monitor for real-time critical embedded system applications. In 2016 IEEE 3rd World Forum on Internet of Things, WF-IoT 2016 (pp. 100-105). [7845510] Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/WF-IoT.2016.7845510

@inproceedings{86ac5f605bcb426091a707e44867773e,
title = "A rigorous and efficient run-time security monitor for real-time critical embedded system applications",
author = "Khan, {Muhammad Taimoor} and Dimitrios Serpanos and Howard Shrobe",
year = "2017",
month = "2",
day = "6",
doi = "10.1109/WF-IoT.2016.7845510",
language = "English",
pages = "100--105",
booktitle = "2016 IEEE 3rd World Forum on Internet of Things, WF-IoT 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - A rigorous and efficient run-time security monitor for real-time critical embedded system applications

AU - Khan, Muhammad Taimoor

AU - Serpanos, Dimitrios

AU - Shrobe, Howard

PY - 2017/2/6

Y1 - 2017/2/6

UR - http://www.scopus.com/inward/record.url?scp=85015172749&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85015172749&partnerID=8YFLogxK

U2 - 10.1109/WF-IoT.2016.7845510

DO - 10.1109/WF-IoT.2016.7845510

M3 - Conference contribution

AN - SCOPUS:85015172749

SP - 100

EP - 105

BT - 2016 IEEE 3rd World Forum on Internet of Things, WF-IoT 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -