REORDER plus plus : Enhanced Randomized Real-Time Scheduling Strategy Against Side-Channel Attacks

Embedded real-time systems are widely adopted in safety-critical domains such as aircrafts, automobiles and space vehicles. Unfortunately, with the sharp rise in the use of common-off-the-shelf components in systems and the drive towards remote communication through untrusted networks, such as WiFi, radio or cellular, the security is increasingly becoming the key consideration in real-time system design. In particular, the real-time system is vulnerable to side-channel attacks from the external networks, which attempt to infer the timing of task execution by exploiting the system deterministic execution patterns. In this article, we present an enhanced online randomized scheduling strategy (named REORDER++), which breaks the deterministic task execution pattern of systems by random priority inversions at run-time to counteract the timing side-channel attacks in dynamic-priority real-time systems. In order to realize the feasible priority inversions under real-time constraint, we propose an online priority inversion test to increase the opportunity of tasks' priority inversions by judging the feasibility of tasks' priority inversions at run-time. Owing to such online priority inversion test, REORDER++ can generate highly randomized schedule of real-time tasks to mitigate the side-channel attack vulnerability. Experiments with synthesized task sets show that REORDER++ significantly outperforms the existing approaches in terms of schedule randomness.