Secure Real-time OS Research

Next-generation embedded controllers for cyber-physical systems will be based on a "smart" platform, where a general-purpose OS provides a programming platform for various "apps" to run on top of it. Some of the apps will bear responsibility for the safety of the physical systems being controlled. Real-time guarantees are normally required, i.e., the OS must ensure that certain deadlines are met when scheduling the multiple tasks. Since we cannot foresee what type of apps may need to run on the OS in the future, and we cannot generally assume that all the apps running on the platform will behave nicely, the OS must provide guarantees on certain properties that ensure the critical apps get their jobs done in a timely manner even in an adversarial environment, thus ensuring the overall system's security and safety. The research challenges are: 1) how to define a set of "primitive properties" that the OS can guarantee, so that we can use them to compose meaningful security/safety properties for the apps that may run on the platform; 2) how to design and implement the OS in a way that facilitates formal verification of those primitive properties.
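The following simulation is an added illustration of one such primitive property and is not code from the project's RTOS: it models a per-task CPU budget that is replenished every period (temporal isolation). Two constructed tasks share one processor: a critical "valve_control" task and a higher-priority "telemetry" app that declared a small budget but actually tries to run continuously. Without budget enforcement the misbehaving app starves the critical task; with enforcement the critical task keeps meeting its deadline and only the misbehaving app misses its own. The task names, periods and execution times are assumptions chosen for the example.

```python
from dataclasses import dataclass


@dataclass
class Task:
    name: str
    period: int    # release interval; also the relative deadline
    budget: int    # declared worst-case execution time per period
    demand: int    # actual CPU time the task tries to consume per period
    priority: int  # lower number = higher priority (rate-monotonic: shorter period first)


@dataclass
class JobState:
    remaining: int = 0  # work left in the current job
    used: int = 0       # CPU consumed since the last budget replenishment
    misses: int = 0     # deadlines missed so far


def simulate(tasks, horizon, enforce_budget):
    """Fixed-priority preemptive scheduling in unit time slots.

    Returns the per-slot trace and the number of deadline misses per task.
    With enforce_budget=True a task that has used its budget is throttled
    until its next period, so it cannot consume more than budget/period of
    the CPU no matter what it does.
    """
    states = {t.name: JobState() for t in tasks}
    trace = []
    for now in range(horizon):
        # Job releases: a new job arriving while the old one is unfinished
        # means the old job missed its deadline (deadline == period here).
        for task in tasks:
            if now % task.period == 0:
                st = states[task.name]
                if st.remaining > 0:
                    st.misses += 1
                st.remaining = task.demand
                st.used = 0  # budget replenished at the start of each period
        # Pick the highest-priority task that still has work and budget.
        chosen = None
        for task in sorted(tasks, key=lambda t: t.priority):
            st = states[task.name]
            if st.remaining == 0:
                continue
            if enforce_budget and st.used >= task.budget:
                continue  # budget exhausted: throttled, cannot run this slot
            chosen = task
            break
        if chosen is None:
            trace.append("idle")
        else:
            st = states[chosen.name]
            st.remaining -= 1
            st.used += 1
            trace.append(chosen.name)
    # Jobs whose deadline coincides with the end of the horizon.
    for task in tasks:
        if horizon % task.period == 0 and states[task.name].remaining > 0:
            states[task.name].misses += 1
    return {"trace": trace, "misses": {n: s.misses for n, s in states.items()}}


# Constructed workload: telemetry claims 1 unit per 5 but actually wants all 5;
# valve_control needs 6 units every 20 and must not miss that deadline.
TASKS = [
    Task("telemetry", period=5, budget=1, demand=5, priority=1),
    Task("valve_control", period=20, budget=6, demand=6, priority=2),
]


def compare(horizon=40):
    """Run the same workload with and without budget enforcement."""
    return {
        "no_isolation": simulate(TASKS, horizon, enforce_budget=False),
        "budget_enforced": simulate(TASKS, horizon, enforce_budget=True),
    }


if __name__ == "__main__":
    for mode, result in compare().items():
        print(mode, result["misses"], "".join(n[0] if n != "idle" else "." for n in result["trace"]))
```

The budget check is the whole mechanism: it is a small, local predicate on scheduler state, which is what makes it a candidate for a formally verified primitive, and from it one can derive the higher-level property the text asks for (a critical task with budget B and period P is guaranteed at least P minus the budgets of higher-priority tasks per period, regardless of how those tasks behave).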

Faculty:
Collaborators:
  • Dr. Raj Rajagopalan (Honeywell ACS Labs)
  • Will Baldwin (Biosecurity Research Institute, Kansas State University)
Student:
Papers:
  • Secure RTOS Architecture for Building Automation. Xiaolong Wang, Masaaki Mizuno, Mitch Neilsen, Xinming Ou, S. Raj Rajagopalan, Will G. Baldwin, and Bryan Phillips. In First ACM Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC), Denver, CO, US, October, 2015.
This research is supported by the Department of Homeland Security (DHS) under contract number D15PC00303, and the National Science Foundation under Grant No. 1136040. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.