Modern embedded and cyber-physical systems are ubiquitous. A large number of
critical cyber-physical systems have real-time requirements (e.g., avionics,
automobiles, power grids, manufacturing systems, industrial control systems,
etc.). Recent developments and new functionality requires real-time embedded
devices to be connected to the Internet. This gives rise to the real-time
Internet-of-things (RT-IoT) that promises a better user experience through
stronger connectivity and efficient use of next-generation embedded devices.
However RT- IoT are also increasingly becoming targets for cyber-attacks which
is exacerbated by this increased connectivity. This paper gives an introduction
to RT-IoT systems, an outlook of current approaches and possible research
challenges towards secure RT- IoT frameworks.
In real-time embedded systems (RTS), failures due to security breaches can
cause serious damage to the system, the environment and/or injury to humans.
Therefore, it is very important to understand the potential threats and attacks
against these systems. In this paper we present a novel reconnaissance attack
that extracts the exact schedule of real-time systems designed using fixed
priority scheduling algorithms. The attack is demonstrated on both a real
hardware platform and a simulator, with a high success rate. Our evaluation
results show that the algorithm is robust even in the presence of execution
Many physical plants that are controlled by embedded systems have safety
requirements that need to be respected at all times - any deviations from
expected behavior can result in damage to the system (often to the physical
plant), the environment or even endanger human life. In recent times, malicious
attacks against such systems have increased - many with the intent to cause
physical damage. In this paper, we aim to decouple the safety of the plant from
security of the embedded system by taking advantage of the inherent inertia in
such systems. In this paper we present a system-wide restart-based framework
that combines hardware and software components to (a) maintain the system
within the safety region and (b) thwart potential attackers from destabilizing
the system. We demonstrate the feasibility of our approach using two realistic
systems - an actual 3 degree of freedom (3-DoF) helicopter and a simulated
warehouse temperature control unit. Our proof-of-concept implementation is
tested against multiple emulated attacks on the control units of these systems.
With the arrival of digital era and Internet, the lack of information control
provides an incentive for people to freely use any content available to them.
Plagiarism occurs when users fail to credit the original owner for the content
referred to, and such behavior leads to violation of intellectual property. Two
main approaches to plagiarism detection are fingerprinting and term occurrence;
however, one common weakness shared by both approaches, especially
fingerprinting, is the incapability to detect modified text plagiarism. This
study proposes adoption of ROUGE and WordNet to plagiarism detection. The
former includes ngram co-occurrence statistics, skip-bigram, and longest common
subsequence (LCS), while the latter acts as a thesaurus and provides semantic
information. N-gram co-occurrence statistics can detect verbatim copy and
certain sentence modification, skip-bigram and LCS are immune from text
modification such as simple addition or deletion of words, and WordNet may
handle the problem of word substitution.