Real-time cyber-physical systems depend on deterministic task execution to guarantee safety and correctness. Unfortunately, this determinism can unintentionally expose timing information that enables adversaries to infer task execution patterns and carry out timing-based attacks targeting safety-critical control tasks. While prior defenses aim to obscure schedules through randomization or isolation, they typically neglect the implications of such modifications on closed-loop control behavior and real-time feasibility. This work studies the problem of securing real-time control workloads against timing inference attacks while explicitly accounting for both schedulability constraints and control performance requirements. We present a scheduling-based mitigation approach that introduces bounded timing perturbations to control task executions in a structured manner, reducing adversarial opportunities without violating real-time guarantees. The framework jointly considers worst-case execution behavior and the impact of execution delays on control performance, enabling the system to operate within predefined safety and performance limits. Through experimental evaluation on representative task sets and control scenarios, the proposed approach demonstrates that exposure to timing-based attacks can be significantly reduced while preserving predictable execution and acceptable control quality.

翻译：实时信息物理系统依赖确定性任务执行来保障安全性与正确性。然而，这种确定性可能无意中暴露时序信息，使攻击者能够推断任务执行模式，并针对安全关键控制任务实施时序攻击。现有防御方法主要通过随机化或隔离机制来模糊调度策略，但通常忽略了此类修改对闭环控制行为及实时可行性的影响。本研究探讨在明确考虑可调度性约束与控制性能要求的前提下，保护实时控制工作负载免受时序推断攻击的问题。我们提出一种基于调度的缓解方法，该方法以结构化方式对控制任务执行引入有界时序扰动，在确保不违反实时性保障的前提下减少攻击机会。该框架同时考虑了最坏情况执行行为以及执行延迟对控制性能的影响，使系统能够在预定义的安全与性能界限内运行。通过对代表性任务集与控制场景的实验评估，所提方法证明在保持可预测执行与可接受控制质量的同时，能够显著降低系统遭受时序攻击的风险。