Enforcing full-stack memory-safety in cyber-physical systems

"Memory-safety attacks are one of the most critical threats against Cyber-Physical Systems (CPS). As opposed to mainstream systems, CPS often impose stringent timing constraints. Given such timing constraints, how can we protect CPS from memory-safety attacks? In this paper, we propose a full-s...

Descripción completa

Detalles Bibliográficos
Autores Principales: Chekole E.G., Chattopadhyay S., Ochoa M., Huaqun G.
Formato: Objeto de conferencia (Conference Object)
Lenguaje:Inglés (English)
Publicado: Springer Verlag 2018
Materias:
Acceso en línea:https://repository.urosario.edu.co/handle/10336/22524
https://doi.org/10.1007/978-3-319-94496-8_2
id ir-10336-22524
recordtype dspace
spelling ir-10336-225242020-06-03T22:15:04Z Enforcing full-stack memory-safety in cyber-physical systems Chekole E.G. Chattopadhyay S. Ochoa M. Huaqun G. Computation theory Cyber Physical System Embedded systems Logic programming Real time systems Water treatment Attack detection Computational logic Cyber-Physical System (CPS) Execution time Memory safety Real time constraints Stack memory Timing constraints Safety engineering "Memory-safety attacks are one of the most critical threats against Cyber-Physical Systems (CPS). As opposed to mainstream systems, CPS often impose stringent timing constraints. Given such timing constraints, how can we protect CPS from memory-safety attacks? In this paper, we propose a full-stack memory-safety attack detection method to address this challenge. We also quantify the notion of tolerability of memory-safety overheads (MSO) in terms of the expected real-time constraints of a typical CPS. We implemented and evaluated our proposed solution on a real-world Secure Water Treatment (SWaT) testbed. Concretely, we show that our proposed solution incurs a memory-safety overhead of 419.91 µs, which is tolerable for the real-time constraints imposed by the SWaT system. Additionally, We also discuss how different parameters of a typical CPS will impact the execution time of the CPS computational logic and memory safety overhead. © Springer International Publishing AG, part of Springer Nature 2018." 2018 2020-05-25T23:56:48Z info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion https://repository.urosario.edu.co/handle/10336/22524 https://doi.org/10.1007/978-3-319-94496-8_2 eng info:eu-repo/semantics/openAccess application/pdf Springer Verlag instname:Universidad del Rosario reponame:Repositorio Institucional EdocUR
institution EdocUR - Universidad del Rosario
collection DSpace
language Inglés (English)
topic Computation theory
Cyber Physical System
Embedded systems
Logic programming
Real time systems
Water treatment
Attack detection
Computational logic
Cyber-Physical System (CPS)
Execution time
Memory safety
Real time constraints
Stack memory
Timing constraints
Safety engineering
spellingShingle Computation theory
Cyber Physical System
Embedded systems
Logic programming
Real time systems
Water treatment
Attack detection
Computational logic
Cyber-Physical System (CPS)
Execution time
Memory safety
Real time constraints
Stack memory
Timing constraints
Safety engineering
Chekole E.G.
Chattopadhyay S.
Ochoa M.
Huaqun G.
Enforcing full-stack memory-safety in cyber-physical systems
description "Memory-safety attacks are one of the most critical threats against Cyber-Physical Systems (CPS). As opposed to mainstream systems, CPS often impose stringent timing constraints. Given such timing constraints, how can we protect CPS from memory-safety attacks? In this paper, we propose a full-stack memory-safety attack detection method to address this challenge. We also quantify the notion of tolerability of memory-safety overheads (MSO) in terms of the expected real-time constraints of a typical CPS. We implemented and evaluated our proposed solution on a real-world Secure Water Treatment (SWaT) testbed. Concretely, we show that our proposed solution incurs a memory-safety overhead of 419.91 µs, which is tolerable for the real-time constraints imposed by the SWaT system. Additionally, We also discuss how different parameters of a typical CPS will impact the execution time of the CPS computational logic and memory safety overhead. © Springer International Publishing AG, part of Springer Nature 2018."
format Objeto de conferencia (Conference Object)
author Chekole E.G.
Chattopadhyay S.
Ochoa M.
Huaqun G.
author_facet Chekole E.G.
Chattopadhyay S.
Ochoa M.
Huaqun G.
author_sort Chekole E.G.
title Enforcing full-stack memory-safety in cyber-physical systems
title_short Enforcing full-stack memory-safety in cyber-physical systems
title_full Enforcing full-stack memory-safety in cyber-physical systems
title_fullStr Enforcing full-stack memory-safety in cyber-physical systems
title_full_unstemmed Enforcing full-stack memory-safety in cyber-physical systems
title_sort enforcing full-stack memory-safety in cyber-physical systems
publisher Springer Verlag
publishDate 2018
url https://repository.urosario.edu.co/handle/10336/22524
https://doi.org/10.1007/978-3-319-94496-8_2
_version_ 1669098255677390848
score 10,844952