Full Program

A Lightweight Firmware Resilience Engine for Real-Time Operating Systems

Summary:

Cyber-physical systems (CPSs) comprise devices that continuously monitor their surroundings via sensors and interact with the physical world through actuators. Due to this physical interaction, any malicious activity might have severe consequences, such as endangering human lives. Consequently, ensuring cyber resilience is crucial, primarily focusing on maintaining availability and facilitating rapid recovery during ongoing attacks. To address this latter need, the Trusted Computing Group (TCG) proposes a solution called the Resilience Engine (RE). In this paper, we present a lightweight firmware RE extension for real-time operating systems (RTOSs) with various functionalities. These include runtime integrity checks, stack checkpointing, recovery, and controlled updates. To show the feasibility, the RE is integrated into the FreeRTOS kernel running on an ARM Cortex-M4-based microcontroller. The implementation results have shown that our RE extension can be seamlessly integrated into a real-time device with a reasonable overhead in terms of memory size and execution time.

Author(s):

Utku Budak    
Technical University of Munich
Germany

I am currently working as a Research Assistant at the Technical University of Munich, Chair of Security in Information Technology.

Fabrizio De Santis    
Siemens AG
Germany

Senior Key Expert - Research Scientist at Siemens

Osman Yasar    
Technical University of Munich
Germany

Working Student at the Technical University of Munich, Chair of Security in Information Technology

Malek Safieh    
Siemens AG
Germany

Research Scientist at Siemens

Georg Sigl    
Technical University of Munich
Germany

Professor at the Technical University of Munich, Chair of Security in Information Technology