Modern Cyber-Physical Systems (CPSs) consist of numerous control units interconnected by communication networks. Each control unit executes multiple safety-critical and non-critical tasks in real-time. Most of the safety-critical tasks are executed with a fixed sampling period to ensure deterministic timing behaviour that helps in its safety and performance analysis. However, adversaries can exploit this deterministic behaviour of safety-critical tasks to launch inference-based-based attacks on them. This paper aims to prevent and minimize the possibility of such timing inference or schedule-based attacks to compromise the control units. This is done by switching between strategically chosen execution rates of the safety-critical control tasks such that their performance remains unhampered. Thereafter, we present a novel schedule vulnerability analysis methodology to switch between valid schedules generated for these multiple periodicities of the control tasks in run time. Utilizing these strategies, we introduce a novel Multi-Rate Attack-Aware Randomized Scheduling (MAARS) framework for preemptive fixed-priority schedulers that minimize the success rate of timing-inference-based attacks on safety-critical real-time systems. To our knowledge, this is the first work to propose a schedule randomization method with attack awareness that preserves both the control and scheduling aspects. The efficacy of the framework in terms of attack prevention is finally evaluated on several automotive benchmarks in a Hardware-in-loop (HiL) environment.

翻译：现代信息物理系统（CPS）由众多通过通信网络互连的控制单元构成。每个控制单元需实时执行多个安全关键型与非关键型任务。为确保确定性时序行为（这有助于其安全性与性能分析），大多数安全关键型任务以固定采样周期执行。然而，攻击者可利用安全关键型任务的这种确定性行为，对其发起基于推断的攻击。本文旨在通过防止并最小化此类时序推断或基于调度的攻击危害控制单元的可能性。具体方法是在策略性选择的安全关键控制任务执行速率之间进行切换，同时保持其性能不受影响。随后，我们提出一种新颖的调度脆弱性分析方法，用于在运行时为控制任务的多重周期所生成的有效调度方案之间进行切换。基于这些策略，我们提出一种面向抢占式固定优先级调度器的新型多速率攻击感知随机调度（MAARS）框架，该框架能最大限度地降低针对安全关键实时系统的时序推断攻击成功率。据我们所知，这是首个提出兼顾控制与调度特性、且具备攻击感知能力的调度随机化方法的研究。最后，通过在硬件在环（HiL）环境中对多个汽车基准测试案例进行评估，验证了该框架在攻击防御方面的有效性。