A Lightweight Firmware Resilience Engine for Real-Time Operating Systems

Cyber-physical systems (CPSs) comprise devices that continuously monitor their surroundings via sensors and interact with the physical world through actuators. Due to this physical interaction, any malicious activity might have severe consequences, such as endangering human lives. Consequently, ensuring cyber resilience is crucial, primarily focusing on maintaining availability and facilitating rapid recovery during ongoing attacks. To address this latter need, the Trusted Computing Group (TCG) proposes a solution called the Resilience Engine (RE). In this paper, we present a lightweight firmware RE extension for real-time operating systems (RTOSs) with various functionalities. These include runtime code verification, stack checkpointing, recovery, and controlled software updates. To show the feasibility, the RE is integrated into the FreeRTOS kernel running on an ARM Cortex-M4-based microcontroller. The implementation results show that our RE extension can be seamlessly integrated into a real-time device with a reasonable overhead in terms of memory size and execution time.     «

Cyber-physical systems (CPSs) comprise devices that continuously monitor their surroundings via sensors and interact with the physical world through actuators. Due to this physical interaction, any malicious activity might have severe consequences, such as endangering human lives. Consequently, ensuring cyber resilience is crucial, primarily focusing on maintaining availability and facilitating rapid recovery during ongoing attacks. To address this latter need, the Trusted Computing Grou...     »