| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 455296 | Computers & Electrical Engineering | 2015 | 16 Pages |
•Introducing security-critical applications based on embedded control server systems for industrial networks.•Establishing the security-aware task, security overhead and risk models for aperiodic real-time applications.•Combining the soft real-time and security requirements into a unified framework.•Deploying proportional controllers to achieve satisfied fine-grained control.
Widely deployed real-time embedded systems can improve the performance of industrial applications, but these systems also face the critical challenge of providing high quality security in an unpredictable network environment. We measure the time and energy consumptions of commonly used cryptographic algorithms on a real embedded platform and introduce a method to quantify the security risk of real-time applications. We propose a Dynamic Security Risk Management (DSRM) mechanism to manage the aperiodic real-time tasks for networked industrial applications. Inspired by the feedback design philosophy, DSRM is designed as a two-level control mechanism. The upper-level component makes efforts to admit or reject the arrival tasks and assigns the reasonable security level for each admitted task. With three proportional feedback controllers at the lower level, the security level of each ready task can be adjusted adaptively according to the dynamic environments. Simulation results show the superiority of the proposed mechanism.
Graphical abstractFigure optionsDownload full-size imageDownload as PowerPoint slide
