Enforcing full-stack memory-safety in cyber-physical systems
Memory-safety attacks are one of the most critical threats against Cyber-Physical Systems (CPS). As opposed to mainstream systems, CPS often impose stringent timing constraints. Given such timing constraints, how can we protect CPS from memory-safety attacks? In this paper, we propose a full-stack memory-safety attack detection method to address this challenge. We also quantify the notion of tolerability of memory-safety overheads (MSO) in terms of the expected real-time constraints of a typical CPS. We implemented and evaluated our proposed solution on a real-world Secure Water Treatment (SWaT) testbed. Concretely, we show that our proposed solution incurs a memory-safety overhead of 419.91 µs, which is tolerable for the real-time constraints imposed by the SWaT system. Additionally, we discuss how different parameters of a typical CPS will impact the execution time of the CPS computational logic and memory safety overhead. © Springer International Publishing AG, part of Springer Nature 2018.
Computation theory, Cyber Physical System, Embedded systems, Logic programming, Real time systems, Water treatment, Attack detection, Computational logic, Cyber-Physical System (CPS), Execution time, Memory safety, Real time constraints, Stack memory, Timing constraints, Safety engineering