Towards Host Intrusion Detection for Embedded Industrial Systems
Description
Original Equipment Manufacturers now embed hardware
virtualization in car equipments to reduce costs and hardware
complexity, while allowing more functionalities, such as connec-
tivity. This evolution forces the cohabitation of distinct criticality
domains on the same hardware, reaffirming the need for security.
Because of the trade-off between performance and system overall
complexity, deploying security becomes a challenging balancing
act. Host Intrusion Detection Systems (HIDS) security protects
the behavior of a program at runtime: it monitors the program
execution flow to distinguish threats from benign activity. This
paper presents a novel runtime security solution for embedded
mixed-criticality systems, which integrates HIDS in a partitioned
system based on Multiple Independent Levels of Security (MILS)
architecture. Our HIDS monitors a program’s execution by
observing both hardware and software signals; there is to our
knowledge no HIDS providing such precise representation of
program execution.
Files
Restricted
The record is publicly accessible, but files are restricted to users with access.