Dear All,
As CINI (Italy) WP6.2 members, we have been accepted with a paper at 27th
IEEE European Test Symposium (ETS22). Title, authors and abstract of the
paper are below. We would like to have your consent to acknowledge SPARTA
in the published version of the paper.
Title:
Real-Time Control-Flow Integrity for Multicore Mixed-Criticality IoT Systems
Authors:
Vahid EFTEKHARI MOGHADAM, Paolo PRINETTO, Gianluca ROASCIO
Abstract:
The spread of the Internet of Things (IoT) and the use of smart control
systems in many mission-critical or safety-critical application domains,
like automotive or aeronautical, make devices attractive targets for
attackers. Nowadays, several of these are mixed-criticality systems, i.e.,
they run both high-criticality tasks (e.g., a car control system) and
low-criticality ones (e.g., infotainment). High-criticality routines often
employ Real-Time Operating Systems (RTOS) to enforce hard real-time
requirements, while the tasks with lower constraints can be delegated to
more general-purpose operating systems (GPOS).
Much of the control code for these devices is written in memory-unsafe
languages such as C and C++. This makes them susceptible to powerful binary
attacks, such as the famous Return-Oriented Programming (ROP). Control-Flow
Integrity (CFI) is the most investigated security technique to protect
against such threats. At present, CFI solutions for real-time embedded systems
are not as mature as the ones for general-purpose systems, and even more,
there is a lack of in-depth studies on how different operating systems with
different security requirements and timing constraints can coexist on a
single multicore platform.
This paper aims at drawing attention to the subject, discussing the current
scientific proposal, and in turn proposing a solution for an optimized
asymmetric verification system for execution integrity. By using an
embedded hypervisor, predefined cores could be dedicated to only high or
low-criticality tasks, with the high-priority core being monitored by the
lower-criticality core, relying on offline binary instrumentation and a
light exchange of information and signals at runtime. The work also
presents preliminary results about a possible implementation for multicore
ARM platforms, running both RTOS and GPOS, both in terms of security and
performance penalties.
All the best,
Gianluca Roascio
--
*Gianluca ROASCIO*
*CINI* - Laboratorio Nazionale Cybersecurity
Sede di Torino c/o LINKS - Leading Innovation & Knowledge for Society
Via Pier Carlo Boggio 61, I-10138 Torino TO - Italy
Tel: +39 334 3762427
gianluca.roascio(a)consorzio-cini.it
Skype: gianluca.roascio
www.cybersecnatlab.it <http://www.consorzio-cini.it/>
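The abstract above describes an asymmetric scheme: the high-criticality core is instrumented offline to report its control transfers, and a lower-criticality core checks those reports against what the binary's control-flow graph allows. The following C program is an added illustration of that split and is not code from the paper or from the authors. Everything in it is assumed for the sake of the example: the (src, dst) event encoding, the constructed addresses in the whitelist and traces, the single-producer/single-consumer ring as the "light exchange of information" between cores, and running both sides on one thread (on the real platform each side would sit on its own core under the hypervisor).

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One control-transfer report from the instrumented high-criticality core:
 * the address of the ret/indirect-branch site and the address it went to.
 * Assumed encoding for this example, not the paper's format. */
typedef struct { uint32_t src; uint32_t dst; } cfi_event_t;

#define RING_SIZE 16u /* power of two, so free-running counters may wrap */

/* Single-producer/single-consumer ring in memory shared by both cores.
 * Release/acquire on the counters makes a slot visible to the monitor core
 * before the counter that publishes it; volatile alone would not. */
typedef struct {
    cfi_event_t slot[RING_SIZE];
    atomic_uint head; /* advanced only by the monitored (producer) core */
    atomic_uint tail; /* advanced only by the monitor (consumer) core */
} cfi_ring_t;

static bool cfi_ring_push(cfi_ring_t *r, cfi_event_t ev) {
    unsigned h = atomic_load_explicit(&r->head, memory_order_relaxed);
    unsigned t = atomic_load_explicit(&r->tail, memory_order_acquire);
    if (h - t == RING_SIZE) return false; /* full: never overwrite a report */
    r->slot[h % RING_SIZE] = ev;
    atomic_store_explicit(&r->head, h + 1, memory_order_release);
    return true;
}

static bool cfi_ring_pop(cfi_ring_t *r, cfi_event_t *out) {
    unsigned t = atomic_load_explicit(&r->tail, memory_order_relaxed);
    unsigned h = atomic_load_explicit(&r->head, memory_order_acquire);
    if (h == t) return false; /* empty */
    *out = r->slot[t % RING_SIZE];
    atomic_store_explicit(&r->tail, t + 1, memory_order_release);
    return true;
}

/* Whitelist of allowed edges, as offline analysis of the binary's CFG would
 * produce. Constructed addresses for a task calling read_sensor(), then
 * actuate(). */
static const cfi_event_t allowed_edges[] = {
    {0x1010, 0x2000}, /* task_main: call read_sensor */
    {0x2040, 0x1014}, /* read_sensor: ret to the instruction after the call */
    {0x1020, 0x3000}, /* task_main: call actuate */
    {0x3030, 0x1024}, /* actuate: ret */
};

bool cfi_edge_allowed(uint32_t src, uint32_t dst) {
    for (size_t i = 0; i < sizeof allowed_edges / sizeof allowed_edges[0]; i++)
        if (allowed_edges[i].src == src && allowed_edges[i].dst == dst)
            return true;
    return false;
}

/* Monitor-core side: consume every published event and count edges that are
 * not in the whitelist; the first offender is reported for diagnostics. */
int cfi_monitor_drain(cfi_ring_t *r, cfi_event_t *first_bad) {
    cfi_event_t ev;
    int violations = 0;
    while (cfi_ring_pop(r, &ev)) {
        if (!cfi_edge_allowed(ev.src, ev.dst)) {
            if (violations == 0 && first_bad) *first_bad = ev;
            violations++;
        }
    }
    return violations;
}

/* Drive a recorded trace through producer and consumer on one thread. A push
 * that finds the ring full counts as a violation (fail closed, not silent). */
static int run_trace(const cfi_event_t *trace, size_t n, cfi_event_t *first_bad) {
    cfi_ring_t ring = {0};
    int dropped = 0;
    for (size_t i = 0; i < n; i++)
        if (!cfi_ring_push(&ring, trace[i])) dropped++;
    return dropped + cfi_monitor_drain(&ring, first_bad);
}

/* Constructed benign trace: call/ret pairs exactly as the CFG predicts. */
int demo_benign(void) {
    const cfi_event_t trace[] = {
        {0x1010, 0x2000}, {0x2040, 0x1014}, {0x1020, 0x3000}, {0x3030, 0x1024}};
    return run_trace(trace, 4, NULL);
}

/* Constructed ROP-style trace: read_sensor's saved return address has been
 * overwritten, so its ret lands on a gadget at 0x4444, and the gadget's own
 * ret (0x4450) is a site the CFG never contained. Two bad edges expected. */
static const cfi_event_t rop_trace[] = {
    {0x1010, 0x2000}, {0x2040, 0x4444}, {0x4450, 0x3000}, {0x3030, 0x1024}};

int demo_rop(void) { return run_trace(rop_trace, 4, NULL); }

uint32_t demo_rop_first_bad_target(void) {
    cfi_event_t bad = {0, 0};
    run_trace(rop_trace, 4, &bad);
    return bad.dst;
}

int main(void) {
    printf("benign: %d violations; ROP: %d violations, first bad target 0x%x\n",
           demo_benign(), demo_rop(), (unsigned)demo_rop_first_bad_target());
    return 0;
}
```

The benign trace yields no violations, the ROP trace yields two, with 0x4444 as the first unexpected target. The monitor only ever reads slots the producer has already published, so the instrumented core's cost per transfer is one store plus one release on the counter; what the monitor does on a violation (halt the core, raise an interrupt through the hypervisor) and how it bounds its own latency against the producer's rate are the real-time questions the abstract points at, and this example does not attempt to settle them.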