Research project status:
Integration methods for host intrusion detection into embedded mixed-criticality systems
- Main supervisors:
- Dr. Sergey Tverdyshev, firstname.lastname@example.org (2017-2020)
- Philipp Gorski, email@example.com (since 2020)
- Prof. Gerhard Fohler, firstname.lastname@example.org
- Develop security monitoring solutions capable of detecting security attacks in industrial embedded mixed-criticality systems (MCS).
- Integrate the security solutions into the PikeOS hypervisor.
- We defined a safety-aware architecture to integrate host intrusion detection system (HIDS) into an industrial embedded MCS. The approach is compatible with system certifiability towards industrial deployment.
- We defined a set of metrics to evaluate the HIDS in regards to security, performance, and system schedulability impacts
- We developed two monitoring approaches:
- Transparent Control-Flow monitoring framework, using hardware assistance
- Non-intrusive machine-learning based HIDS for embedded MCS
- We implemented the proposed security monitoring services as extensions of SYSGO’s PikeOS real-time hypervisor and evaluated the overhead of the implemented solutions.
Collaboration with Prof. Gerhard Fohler:
- TU Kaiserslautern: Evaluate the worst-case overhead of the anomaly detection solutions.
- M. Kadar, G. Fohler, D. Kuzhiyelil, and P. Gorski. Safety-aware integration of hardware-assisted program tracing in mixed-criticality systems for security monitoring. In IEEE Real-Time and Embedded Technology and Applications Symposium, 2021.
- M. Kadar, S. Tverdyshev, and G. Fohler. Towards host intrusion detection for embedded industrial systems. In 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S), 2020.
- D. Kuzhiyelil, P. Zieris, M. Kadar, S. Tverdyshev, and G. Fohler. Towards transparent control-flow integrity in safety-critical systems. In 23rd Information Security Conference, 2020.
- Patrick Denzler, Jan Ruh, Marine Kadar, Cosmin Avasalcai, Wolfgang Kastner. Towards Consolidating Industrial Use Cases on a Common Fog Computing Platform. In 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), 2020.
- M. Kadar, S. Tverdyshev, and G. Fohler. System calls instrumentation for intrusion detection in embedded mixed-criticality systems. In 4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems, 2019.