“Non-intrusive Observation and Runtime Verification of Cyber-physical Systems”
Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Sept. 2017
Abstract: The recent extensive development in Cyber-Physical Systems (CPS) and the increase in usage of autonomous vehicles throughout several domains (spacial, avionic, terrestrial and aquatic) has lead to the emergence of new concerns regarding safety, security and timeliness properties. This has resulted in a tendency to adopt Runtime Verification (RV) techniques for embedded systems, when their criticality dictates the need to guarantee correct operation in the time and values domain. RV is based on event observation and monitoring infrastructures and on-the-fly or posterior event correction verification against a given system specification. However, conventional RV methodologies, such as source code instrumentation, impose performance and timeliness penalties due to their intrusive nature, being inappropriate for (real-time) critical systems. In CPSs with real-time requirements these disturbances can be devastating given the lack of computational resources and the necessity to fulfil temporal goals due to their functional specification. For decades, numerous vulnerabilities have put systems and applications at risk and CPSs are no exception. We intent to deal with accidental faults and intended attacks that compromise the integrity of data stored on memory by means of Non-Intrusive RV, to be accomplished through the design of a black-box observer and monitoring entity. This is materialized through the introduction of monitoring actions directly in existing resources present in the processing infrastructure. Such an approach allows for system monitoring with no impact on execution, being adequate for CPSs. A non-intrusive observer entity that is responsible for detecting malicious events and act accordingly, while taking into consideration common operating system vulnerabilities is in order. Thus, the goal of this thesis is to design such an observer, capable of performing function-level memory protection on well-delimited memory zones. For this purpose we perform a requirements analysis on relevant architectural characteristics and from that devise an on-chip online solution of our own. After completion, it was concluded that much work still needs to be done in order to have a viable solution that goes completely towards the initial idea. However, it is a feasible and necessary solution.
NoteThis document is currently classified as confidential and therefore its full content is not publicly available.
Research line(s): Timeliness and Adaptation in Dependable Systems (TADS)