TY - GEN
T1 - Sechduler
T2 - 19th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2013
AU - Zonouz, Saman
AU - Han, Rui
AU - Haghani, Parisa
N1 - Copyright:
Copyright 2014 Elsevier B.V., All rights reserved.
PY - 2013
Y1 - 2013
N2 - Trustworthy operation of safety-critical infrastructures necessitates efficient solutions that satisfy both realtimeness and security requirements simultaneously. In this paper, we present Sechduler, a formally verifiable security-aware operating system scheduler that dynamically makes sure that system computational resources are allocated to individual waiting tasks in an optimal order such that, if feasible, neither real time nor security requirements of the system are violated. Additionally, if not both of the requirements can be satisfied simultaneously, Sechduler makes use of easy-to-define linear temporal logic-based policies as well as automatically generated Buchi automaton-based monitors, compiled as loadable kernel modules, to enforce which requirements should get the priority. Our experimental results show that Sechduler can adaptively enforce the system-wide logic-based temporal policies within the kernel and with minimal performance overhead of 3% on average to guarantee high level of combined security and realtimeness simultaneously.
AB - Trustworthy operation of safety-critical infrastructures necessitates efficient solutions that satisfy both realtimeness and security requirements simultaneously. In this paper, we present Sechduler, a formally verifiable security-aware operating system scheduler that dynamically makes sure that system computational resources are allocated to individual waiting tasks in an optimal order such that, if feasible, neither real time nor security requirements of the system are violated. Additionally, if not both of the requirements can be satisfied simultaneously, Sechduler makes use of easy-to-define linear temporal logic-based policies as well as automatically generated Buchi automaton-based monitors, compiled as loadable kernel modules, to enforce which requirements should get the priority. Our experimental results show that Sechduler can adaptively enforce the system-wide logic-based temporal policies within the kernel and with minimal performance overhead of 3% on average to guarantee high level of combined security and realtimeness simultaneously.
UR - http://www.scopus.com/inward/record.url?scp=84906766153&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84906766153&partnerID=8YFLogxK
U2 - 10.1109/PRDC.2013.45
DO - 10.1109/PRDC.2013.45
M3 - Conference contribution
AN - SCOPUS:84906766153
SN - 9780769551302
T3 - Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC
SP - 236
EP - 245
BT - Proceedings - 2013 IEEE 19th Pacific Rim International Symposium on Dependable Computing, PRDC 2013
PB - IEEE Computer Society
Y2 - 2 December 2013 through 4 December 2013
ER -