A Novel Side-Channel in Real-Time Schedulers
This addresses a critical security vulnerability in real-time systems used in automotive, avionic, and industrial control, posing risks to safety-critical applications.
The paper identifies a novel scheduler side-channel in preemptive, fixed-priority real-time systems that can leak future task arrival times, enabling devastating attacks as demonstrated on real hardware platforms like Real-time Linux and FreeRTOS.
We demonstrate the presence of a novel scheduler side-channel in preemptive, fixed-priority real-time systems (RTS); examples of such systems can be found in automotive systems, avionic systems, power plants and industrial control systems among others. This side-channel can leak important timing information such as the future arrival times of real-time tasks.This information can then be used to launch devastating attacks, two of which are demonstrated here (on real hardware platforms). Note that it is not easy to capture this timing information due to runtime variations in the schedules, the presence of multiple other tasks in the system and the typical constraints (e.g., deadlines) in the design of RTS. Our ScheduLeak algorithms demonstrate how to effectively exploit this side-channel. A complete implementation is presented on real operating systems (in Real-time Linux and FreeRTOS). Timing information leaked by ScheduLeak can significantly aid other, more advanced, attacks in better accomplishing their goals.