Information leakage can have dramatic consequences for the security of real-time systems. Timing leaks occur when an attacker is able to infer private behavior from timing information. In this work, we propose a definition of expiring timed opacity w.r.t. execution time, where a system is opaque whenever the attacker is unable to deduce the reachability of some private state solely based on the execution time; in addition, the secrecy is violated only when the private state was entered "recently", i.e., within a given time bound (or expiration date) prior to system completion. This has an interesting parallel with concrete applications, notably cache deducibility: it may be useless for the attacker to learn the cache content too long after it was observed. We study here expiring timed opacity problems in timed automata. We consider the set of time bounds (or expiration dates) for which a system is opaque and show when they can be effectively computed for timed automata. We then study the decidability of several parameterized problems, where not only the bounds but also some internal timing constants become timing parameters of unknown constant values.
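To make the definition concrete, the following Python illustration (added here, not code from the paper) models a finite sample of completed runs and checks, for a given expiration date, whether the observed execution time alone can betray a recent visit to the private location. The `Run` structure, the sample runs, and the reading of opacity as "every execution time of a secret run is also produced by some non-secret run" are assumptions of this example; it computes the set of admissible expiration dates only for a finite run sample, not for a full timed automaton.

```python
from dataclasses import dataclass
from fractions import Fraction
from typing import Optional

@dataclass(frozen=True)
class Run:
    """A completed run reduced to what expiring timed opacity cares about.
    duration:   total execution time, the only thing the attacker observes.
    private_at: absolute time the private location was entered (None if never)."""
    duration: Fraction
    private_at: Optional[Fraction] = None

def is_secret(run: Run, delta) -> bool:
    """Secret for expiration date delta only if the private location was
    entered at most delta time units before the run completed."""
    return run.private_at is not None and run.duration - run.private_at <= delta

def observed_durations(runs, delta, secret: bool) -> set:
    """Execution times produced by the secret (or by the non-secret) runs."""
    return {r.duration for r in runs if is_secret(r, delta) == secret}

def is_opaque(runs, delta) -> bool:
    """Assumed reading of the definition: opaque when every execution time of a
    secret run is also the execution time of some non-secret run, so the
    duration never proves that the private state was entered recently."""
    return observed_durations(runs, delta, True) <= observed_durations(runs, delta, False)

def opacity_threshold(runs):
    """First expiration date at which this finite run set stops being opaque,
    or None if it is opaque for every delta. A run's class flips exactly at
    its gap (duration - private_at) and raising delta only moves runs from
    non-secret to secret, so opacity is constant between consecutive gaps
    and, once lost, stays lost: the opaque bounds are [0, threshold)."""
    gaps = sorted({r.duration - r.private_at for r in runs if r.private_at is not None})
    for g in gaps:
        if not is_opaque(runs, g):
            return g
    return None

# Constructed sample of a hypothetical system (not taken from the paper).
SAMPLE_RUNS = [
    Run(Fraction(5), Fraction(3)),  # private entered 2 time units before completion
    Run(Fraction(5)),               # same duration, never private: masks the run above
    Run(Fraction(7), Fraction(1)),  # private entered 6 before completion
    Run(Fraction(7), Fraction(4)),  # private entered 3 before completion
]

if __name__ == "__main__":
    for d in (0, 2, 3, 6):
        print(f"delta={d}: opaque={is_opaque(SAMPLE_RUNS, Fraction(d))}")
    print("opacity lost at delta =", opacity_threshold(SAMPLE_RUNS))
```

With the sample above, durations 5 and 7 are each still covered by a non-secret run up to delta = 3, but at delta = 6 every run of duration 7 has entered the private location recently, so observing 7 reveals the secret.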