• Modern embedded and cyber-physical systems are ubiquitous. A large number of critical cyber-physical systems have real-time requirements (e.g., avionics, automobiles, power grids, manufacturing systems, industrial control systems, etc.). Recent developments and new functionality requires real-time embedded devices to be connected to the Internet. This gives rise to the real-time Internet-of-things (RT-IoT) that promises a better user experience through stronger connectivity and efficient use of next-generation embedded devices. However RT- IoT are also increasingly becoming targets for cyber-attacks which is exacerbated by this increased connectivity. This paper gives an introduction to RT-IoT systems, an outlook of current approaches and possible research challenges towards secure RT- IoT frameworks.
  • In real-time embedded systems (RTS), failures due to security breaches can cause serious damage to the system, the environment and/or injury to humans. Therefore, it is very important to understand the potential threats and attacks against these systems. In this paper we present a novel reconnaissance attack that extracts the exact schedule of real-time systems designed using fixed priority scheduling algorithms. The attack is demonstrated on both a real hardware platform and a simulator, with a high success rate. Our evaluation results show that the algorithm is robust even in the presence of execution time variation.
  • Many physical plants that are controlled by embedded systems have safety requirements that need to be respected at all times - any deviations from expected behavior can result in damage to the system (often to the physical plant), the environment or even endanger human life. In recent times, malicious attacks against such systems have increased - many with the intent to cause physical damage. In this paper, we aim to decouple the safety of the plant from security of the embedded system by taking advantage of the inherent inertia in such systems. In this paper we present a system-wide restart-based framework that combines hardware and software components to (a) maintain the system within the safety region and (b) thwart potential attackers from destabilizing the system. We demonstrate the feasibility of our approach using two realistic systems - an actual 3 degree of freedom (3-DoF) helicopter and a simulated warehouse temperature control unit. Our proof-of-concept implementation is tested against multiple emulated attacks on the control units of these systems.
  • With the arrival of digital era and Internet, the lack of information control provides an incentive for people to freely use any content available to them. Plagiarism occurs when users fail to credit the original owner for the content referred to, and such behavior leads to violation of intellectual property. Two main approaches to plagiarism detection are fingerprinting and term occurrence; however, one common weakness shared by both approaches, especially fingerprinting, is the incapability to detect modified text plagiarism. This study proposes adoption of ROUGE and WordNet to plagiarism detection. The former includes ngram co-occurrence statistics, skip-bigram, and longest common subsequence (LCS), while the latter acts as a thesaurus and provides semantic information. N-gram co-occurrence statistics can detect verbatim copy and certain sentence modification, skip-bigram and LCS are immune from text modification such as simple addition or deletion of words, and WordNet may handle the problem of word substitution.