Thidapat Chantem

2 Papers

CR · Nov 22, 2021
Survey of Control-Flow Integrity Techniques for Embedded and Real-Time Embedded Systems

Tanmaya Mishra, Thidapat Chantem, Ryan Gerdes

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared to general purpose computing systems like desktops or servers. However, allowing external interfaces to such embedded systems increases their exposure to attackers. With an increase in attacks against embedded systems ranging from home appliances to industrial control systems operating critical equipment that have hard real-time requirements, it is imperative that defense mechanisms be created that explicitly consider such resource and real-time constraints. Control-flow integrity (CFI) is a family of defense mechanisms that prevent attackers from modifying the flow of execution. We survey CFI techniques, ranging from the basic to state-of-the-art, that are built for embedded systems and real-time embedded systems and find that there is a dearth, especially for real-time embedded systems, of CFI mechanisms. We then present open challenges to the community to help drive research in this domain.

CR · Mar 9, 2020
Secure Traffic Lights: Replay Attack Detection for Model-based Smart Traffic Controllers

Pratham Oza, Mahsa Foruhandeh, Ryan Gerdes et al.

Rapid urbanization calls for smart traffic management solutions that incorporate sensors, distributed traffic controllers and V2X communication technologies to provide fine-grained traffic control to mitigate congestion. As in many other cyber-physical systems, smart traffic management systems typically lack security measures. This allows numerous opportunities for adversarial entities to craft attacks on the sensor networks, wireless data sharing and/or the distributed traffic controllers. We show that such vulnerabilities can be exploited to disrupt mobility in a large urban area and cause unsafe conditions for drivers and the pedestrians on the roads. Specifically, in this paper, we look into vulnerabilities in model-based traffic controllers and show that, even with state-of-the-art attack detectors in place, false-data injection can be used to hamper mobility. We demonstrate a replay attack by modeling an isolated intersection in VISSIM, a popular traffic simulator, and also discuss countermeasures to thwart such attacks.