TY - GEN
T1 - Systematic security and timeliness tradeoffs in real-time embedded systems
AU - Kang, Kyoung Don
AU - Son, Sang H.
PY - 2006
Y1 - 2006
N2 - Real-time embedded systems are increasingly being networked. In distributed real-time embedded applications, e.g., electric grid management and command and control applications, it is required to not only meet real-time constraints but also support the data confidentiality, integrity, and authenticity. Unfortunately, in general, cryptographic functions are computationally expensive, possibly causing deadline misses in real-time embedded systems with limited resources. As a basis for cost-effective security support in real-time embedded systems, we define a quantitative notion of Strength of Defense (SoD). Based on the SoD concept, we propose a novel adaptive security policy in which the SoD can be degraded by decreasing the cryptographic key length for certain tasks, if necessary, to improve the success ratio under overload conditions. Our approach is lightweight. The time complexity of our approach is linear and its amortized version has the constant overhead per SoD adaptation period. Moreover, our approach supports desirable security features requiring an attacker to do extra work to find the cryptographic key. In the performance evaluation, we show that our approach can considerably improve the success ratio due to controlled SoD degradation under overload.
AB - Real-time embedded systems are increasingly being networked. In distributed real-time embedded applications, e.g., electric grid management and command and control applications, it is required to not only meet real-time constraints but also support the data confidentiality, integrity, and authenticity. Unfortunately, in general, cryptographic functions are computationally expensive, possibly causing deadline misses in real-time embedded systems with limited resources. As a basis for cost-effective security support in real-time embedded systems, we define a quantitative notion of Strength of Defense (SoD). Based on the SoD concept, we propose a novel adaptive security policy in which the SoD can be degraded by decreasing the cryptographic key length for certain tasks, if necessary, to improve the success ratio under overload conditions. Our approach is lightweight. The time complexity of our approach is linear and its amortized version has the constant overhead per SoD adaptation period. Moreover, our approach supports desirable security features requiring an attacker to do extra work to find the cryptographic key. In the performance evaluation, we show that our approach can considerably improve the success ratio due to controlled SoD degradation under overload.
UR - https://www.scopus.com/pages/publications/34547258129
U2 - 10.1109/RTCSA.2006.59
DO - 10.1109/RTCSA.2006.59
M3 - Conference contribution
AN - SCOPUS:34547258129
SN - 0769526764
SN - 9780769526768
T3 - Proceedings - 12th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA 2006
SP - 183
EP - 189
BT - 12th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA 2006
PB - IEEE Computer Society
T2 - 12th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA 2006
Y2 - 16 August 2006 through 18 August 2006
ER -