Sechduler: A security-aware kernel scheduler

Saman Zonouz, Rui Han, Parisa Haghani

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

Trustworthy operation of safety-critical infrastructures necessitates efficient solutions that satisfy both realtimeness and security requirements simultaneously. In this paper, we present Sechduler, a formally verifiable security-aware operating system scheduler that dynamically makes sure that system computational resources are allocated to individual waiting tasks in an optimal order such that, if feasible, neither real time nor security requirements of the system are violated. Additionally, if not both of the requirements can be satisfied simultaneously, Sechduler makes use of easy-to-define linear temporal logic-based policies as well as automatically generated Buchi automaton-based monitors, compiled as loadable kernel modules, to enforce which requirements should get the priority. Our experimental results show that Sechduler can adaptively enforce the system-wide logic-based temporal policies within the kernel and with minimal performance overhead of 3% on average to guarantee high level of combined security and realtimeness simultaneously.

Original languageEnglish (US)
Title of host publicationProceedings - 2013 IEEE 19th Pacific Rim International Symposium on Dependable Computing, PRDC 2013
PublisherIEEE Computer Society
Pages236-245
Number of pages10
ISBN (Print)9780769551302
DOIs
StatePublished - Jan 1 2013
Event19th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2013 - Vancouver, BC, Canada
Duration: Dec 2 2013Dec 4 2013

Publication series

NameProceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC
ISSN (Print)1541-0110

Other

Other19th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2013
CountryCanada
CityVancouver, BC
Period12/2/1312/4/13

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Science Applications
  • Hardware and Architecture
  • Software

Fingerprint Dive into the research topics of 'Sechduler: A security-aware kernel scheduler'. Together they form a unique fingerprint.

Cite this