| 1. |
- Broman, David, et al.
(författare)
-
Precision Timed Infrastructure : Design Challenges
- 2013
-
Ingår i: Proceedings of the Electronic System Level Synthesis Conference (ESLsyn). - : IEEE conference proceedings. - 9781467364140
-
Konferensbidrag (refereegranskat)abstract
- In general-purpose software applications, computation time is just a quality factor: faster is better. In cyber-physical systems (CPS), however, computation time is a correctness factor: missed deadlines for hard real-time applications, such as avionics and automobiles, can result in devastating, life-threatening consequences. Although many modern modeling languages for CPS include the notion of time, implementation languages such as C lack any temporal semantics. Consequently, models and programs for CPS are neither portable nor guaranteed to execute correctly on the real system; timing is merely a side effect of the realization of a software system on a specific hardware platform. In this position paper, we present the research initiative for a precision timed (PRET) infrastructure, consisting of languages, compilers, and microarchitectures, where timing is a correctness factor. In particular, the timing semantics in models and programs must be preserved during compilation to ensure that the behavior of real systems complies with models. We also outline new research and design challenges present in such an infrastructure.
|
|
| 2. |
- Kim, Hokeun, et al.
(författare)
-
A Predictable and Command- Level Priority-Based DRAM Controller for Mixed-Criticality Systems
- 2015
-
Ingår i: Proceedings of the 21th IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS). - : IEEE Press. - 9781479986033 ; , s. 317-326
-
Konferensbidrag (refereegranskat)abstract
- Mixed-criticality systems have tasks with different criticality levels running on the same hardware platform. Today's DRAM controllers cannot adequately satisfy the often conflicting requirements of tightly bounded worst-case latency for critical tasks and high performance for non-critical real-time tasks. We propose a DRAM memory controller that meets these requirements by using bank-aware address mapping and DRAM command-level priority-based scheduling with preemption. Many standard DRAM controllers can be extended with our approach, incurring no performance penalty when critical tasks are not generating DRAM requests. Our approach is evaluated by replaying memory traces obtained from executing benchmarks on an ARM ISA-based processor with caches, which is simulated on the gem5 architecture simulator. We compare our approach against previous TDM-based approaches, showing that our proposed memory controller achieves dramatically higher performance for non-critical tasks, without any significant impact on the worstcase latency of critical tasks.
|
|
| 3. |
- Kim, Hokeun, et al.
(författare)
-
A Toolkit for Construction of Authorization Service Infrastructure for the Internet of Things
- 2017
-
Ingår i: Internet-of-Things Design and Implementation (IoTDI), 2017 IEEE/ACM Second International Conference on. - New York, NY, USA : ACM Digital Library. ; , s. 147-158
-
Konferensbidrag (refereegranskat)abstract
- The challenges posed by the Internet of Things (IoT) render existing security measures ineffective against emerging networks and devices. These challenges include heterogeneity, operation in open environments, and scalability. In this paper, we propose SST (Secure Swarm Toolkit), an open-source toolkit for construction and deployment of an authorization service infrastructure for the IoT. The infrastructure uses distributed local authorization entities, which provide authorization services that can address heterogeneous security requirements and resource constraints in the IoT. The authorization services can be accessed by network entities through software interfaces provided by SST, called accessors. The accessors enable IoT developers to readily integrate their devices with authorization services without needing to manage cryptographic keys and operations. To rigorously show that SST provides necessary security guarantees, we have performed a formal security analysis using an automated verification tool. In addition, we demonstrate the scalability of our approach with a mathematical analysis, as well as experiments to evaluate security overhead of network entities under different security profiles supported by SST
|
|
| 4. |
- Kim, Hokeun, et al.
(författare)
-
Resilient Authentication and Authorization for the Internet of Things (IoT) Using Edge Computing
- 2020
-
Ingår i: ACM Transactions on Internet of Things. - : ACM Press. - 2691-1914 .- 2577-6207. ; 1:1, s. -27
-
Tidskriftsartikel (refereegranskat)abstract
- An emerging type of network architecture called edge computing has the potential to improve the availability and resilience of IoT services under anomalous situations such as network failures or denial-of-service (DoS) attacks. However, relatively little has been explored on the problem of ensuring availability even when edge computers that provide key security services (e.g., authentication and authorization) become unavailable themselves. This article proposes a resilient authentication and authorization framework to enhance the availability of IoT services under DoS attacks or failures. The proposed approach leverages a technique called secure migration, which allows an IoT device to migrate to another trusted edge computer when its own local authorization service becomes unavailable. Specifically, we describe the design of a secure migration framework and its supporting mechanisms, including (1) automated migration policy construction and (2) protocols for preparing and executing the secure migration. We formalize secure migration policy con- struction as an integer linear programming (ILP) problem and show its effectiveness using a case study on smart buildings, where the proposed solution achieves significantly higher availability under simulated at- tacks on authorization services.
|
|
