Tao Xie,Andrew H. Sung,Xiao Qin

DOI: https://doi.org/10.1109/ipdps.2005.185

2005-01-01

Abstract:An increasing number of real-time applications, such as aircraft control and medical electronics systems, require high quality of security to assure confidentiality, authenticity and integrity of information. However, most existing algorithms for scheduling independent tasks in real-time systems do not adequately consider security requirements of real-time tasks. In recognition of this problem we propose a novel dynamic scheduling algorithm with security awareness, which is capable of achieving high quality of security for real-time tasks while improving resource utilization. We have conducted extensive simulation experiments to quantitatively evaluate the performance of our approach. Specifically, experimental results show that compared with three heuristic algorithms, the proposed algorithm can consistently improve overall system performance in terms of quality of security and system guarantee ratio under a wide range of workload characteristics.

Tao Xie,Xiao Qin

DOI: https://doi.org/10.1109/tc.2006.110

2006-01-01

Abstract:Security-critical real-time applications such as military aircraft flight control systems have mandatory security requirements in addition to stringent timing constraints. Conventional real-time scheduling algorithms, however, either disregard applications' security needs and thus expose the applications to security threats or run applications at inferior security levels without optimizing security performance. In recognition that many applications running on clusters demand both real-time performance and security, we investigate the problem of scheduling a set of independent real-time tasks with various security requirements. We build a security overhead model that can be used to reasonably measure security overheads incurred by the security-critical tasks. Next, we propose a security-aware real-time heuristic strategy for clusters (SAREC), which integrates security requirements into the scheduling for real-time applications on clusters. Further, to evaluate the performance of SAREC, we incorporate the earliest deadline first (EDF) scheduling policy into SAREC to implement a novel security-aware real-time scheduling algorithm (SAEDF). Experimental results from both real-world traces and a real application show that SAEDF significantly improves security over three existing scheduling algorithms (EDF, Least Laxity First, and First Come First Serve) by up to 266.7 percent while achieving high schedulability.

Junlong Zhou,Yufan Shen,Liying Li,Cheng Zhuo,Mingsong Chen

DOI: https://doi.org/10.1109/tcad.2022.3207328

IF: 2.9

2023-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Due to the great advancement in computation, communication, and control technologies, the Internet of Things (IoT) can provide ubiquitous connectivity for anyone and anything at any time and any place, leading to a revolution in an information society. Protecting devices against various security threats is one of the most important challenges in IoT since IoT applications are generally security-critical systems while IoT devices are often poorly secured. For IoT devices, employing security services provided by smart gateways or edge/cloud servers to defend against various threats is an effective way to enhance their security. However, the finite battery energy of devices and the limited fund of device users hinder the wide application of security services in IoT. This necessitates the demand for designing new methodologies to tackle the tradeoff among security, energy, and fund of IoT devices. Therefore, this article attempts to optimize system security of IoT devices under energy and fund constraints. Specifically, to formulate the energy and fund constrained security optimization problem, we first propose a pricing model for the security services provided by the smart gateway. We then formulate the problem as a mixed-integer linear programming (MILP) problem. Since using a solver to address the MILP problem may be time consuming, we leverage the swarm intelligence technique to design a new task scheduling scheme that can efficiently solve the optimization problem. Extensive experiments are conducted to validate our proposed MILP and swarm intelligence-based task scheduling algorithms. Simulation results show that our scheme outperforms two state-of-the-art methods in improving system quality of security and guaranteeing schedule feasibility.

Zhaoquan Gu,Yuexuan Wang,Xiao Lin

DOI: https://doi.org/10.1109/cybermatics_2018.2018.00150

2018-01-01

Abstract:In traditional networks, Quality of Service (QoS) has been a challenge due to the lack of global knowledge and a large amount of data to process at each device. This issue becomes much harder when we want to manage real-time QoS. As an innovative network paradigm, Software Defined Network (SDN) enables a centralized network control and a global view of network states. Meanwhile, the online algorithm can accommodate with unknown inputs in any coming sequence and provides a worst-case guarantee for the performances even compared with the off-line optimal result. In this paper, we utilize SDN and online algorithms to achieve real-time QoS in networks. By applying Primal-Dual techniques and the potential function method with phase partitions, we design two online algorithms that achieve real-time QoS and network load balancing at the same time with competitive ratios of log(D) and log(n) respectively (D is the network diameter and n is the node number). The simulations also support our theoretical analyses.

Zubair Md Fadlullah,Chao Wei,Zhiguo Shi,Nei Kato

DOI: https://doi.org/10.1109/mwc.2016.7498077

IF: 12.777

2016-01-01

IEEE Wireless Communications

Abstract:The recent proliferation of various new real-time and latency-sensitive applications and differentiated services, surge of mobile traffic, and emergence of next generation Het-Nets are anticipated to exponentially increase the number of potentially "untrusted" links to the operator's core network. Therefore, mobile broadband operators need to provide much needed security without sacrificing the network performance which calls for the joint provisioning of QoS and security technologies. However, research studies on HetNets have often treated QoS and security as separate entities, and overlooked the combined QoS and security optimization because they usually have difficult-to-model trade-off. In this article, we formulate this problem and propose a game-theoretic algorithm to solve it. In our proposal, the mobile users and their servicing base stations play games with each other to ensure a balanced set of security and QoS parameters for the users. The effectiveness of our proposal is evaluated through simulations.

Tao Xie,Xiao Qin

DOI: https://doi.org/10.1007/11605300_11

2005-01-01

Abstract:Real-time applications with security requirements are emerging in various areas including government, education, and business. However, conventional real-time scheduling algorithms failed to fulfill the security requirements of real-time applications. In this paper we propose a dynamic real-time scheduling algorithm, or SAREG, which is capable of enhancing quality of security for real-time applications running on Grids. In addition, we present a mathematical model to formally describe a scheduling framework, security-sensitive real-time applications, and security overheads. We leverage the model to measure security overheads incurred by security services, including encryption, authentication, integrity check, etc. The SAREG algorithm seamlessly integrates security requirements into real-time scheduling by employing the security overhead model. To evaluate the effectiveness of SAREG, we conducted extensive simulations using a real world trace from a supercomputing center. Experimental results show that SAREG significantly improves system performance in terms of quality of security and schedulability over three existing scheduling algorithms.

Chunjie Zhou,Xuan Li,Shuanghua Yang,Yu-Chu Tian

DOI: https://doi.org/10.1109/tii.2019.2903224

IF: 12.3

2020-05-01

IEEE Transactions on Industrial Informatics

Abstract:Industrial control systems (ICSs) in networked environments face severe cyber-security risks and challenges. A timely response to cyber-attacks is of paramount importance for mitigating risks. However, the security policy developed for an ICS may be conflicting with the ICS's safety policy, on which much attention has been paid for a long time in industrial control. An inappropriate enforcement of the security policy may deteriorate the ICS performance or even result in severe unexpected consequences. To tackle this problem, a risk-based security task scheduling approach is presented for ICSs with consideration of the safety policy. It ensures a timely response to cyber-attacks without compromising safety. More specifically, the approach reconciles security tasks and safety tasks according to a designed resolution policy, so as to acquire contradiction-free security and safety (S&S) tasks. Then, a real-time risk assessment method is developed to characterize the subtle change of the system risk with the implementation of the reconciled S&S tasks. After that, a task scheduling method is designed with the risk as the optimization objective, i.e., it searches the optimal task scheduling scheme by minimizing the risk posture. The resulting scheduling scheme ensures the smooth implementation of the S&S policy, which reflects the optimal recovery process against the risk. Finally, case studies on a hardware-in-the-loop testbed are conducted to demonstrate the effectiveness of the proposed approach.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Tao Xie,Xiao Qin,Andrew Sung

2005-01-01

Abstract:Existing scheduling algorithms for periodic tasks ignore security requirements posed by sensitive applications and are consequently unable to perform properly in high performance embedded systems with security constraints. In this paper we present an approach to scheduling periodic tasks in high performance embedded systems subject to security and timing constraints. We propose a scheduling algorithm, or SASES (Security-Aware Scheduling for Embedded Systems), which accounts for both security and timing requirements. SASES judiciously distributes slack times among a variety of security services for a set of periodic tasks, thereby optimizing security for high-performance embedded systems without sacrificing schedulability. We show through extensive simulations that SASES is able to maximize security for high- performance embedded systems while guaranteeing timeliness. In particular, SASES significantly improves security over three baseline algorithms by up to 93.4%.

Monowar Hasan,Ashish Kashinath,Chien-Ying Chen,Sibin Mohan

DOI: https://doi.org/10.1145/3649499

IF: 16.6

2024-02-26

ACM Computing Surveys

Abstract:Security is an increasing concern for real-time systems (RTS). Over the last decade or so, researchers have demonstrated attacks and defenses aimed at such systems. In this paper, we identify , classify and measure the effectiveness of the security research in this domain. We provide a high-level summary [ identification ] and a taxonomy [ classification ] of this existing body of work. Furthermore, we carry out an in-depth analysis [ measurement ] of scheduler-based security techniques — the most common class of real-time security mechanisms. For this purpose, we developed a common metric, “ attacker’s burden ”, used to measure the effectiveness of (existing as well as future) scheduler-based real-time security measures.

computer science, theory & methods

Hao Wu,Zonghua Gu,Hong Li,Nenggan Zheng

DOI: https://doi.org/10.1007/978-3-030-15093-8_22

2018-01-01

Abstract:Safety-critical embedded systems are often subject to multiple certification requirements from different certification authorities, giving rise to the concept of Mixed-Criticality Systems. In the classical Mixed-Criticality Scheduling task model, all low-criticality tasks are dropped in high-criticality mode. This approach may not be very practical in reality, since it may cause serious degradation of Quality-of-Service (QoS) for low-criticality tasks. In this paper, we present EDF with Virtual Deadlines-Weakly Hard (EDF-VD-WH), where a number of consecutive jobs of LO-crit tasks may be skipped in high-criticality mode, in order to provide a certain level of QoS for low-criticality tasks in high-criticality mode. We present schedulability analysis of EDF-VD-WH based on Demand Bound Functions, and perform experimental evaluation of schedulability acceptance ratios compared to the original EDF-VD.

Hongxia Yin,Zhi Wang,Jiming Chen,Youxian Sun

DOI: https://doi.org/10.1109/WCICA.2004.1343808

2004-01-01

Abstract:A model of real time QoS (quality of service) according to constraint of (m, k)-firm offers more flexibility and a better use of resources compared to guaranteed QoS. It opens new prospects for the implementation of the adaptive management mechanisms of QoS in real time networks and systems. To take into account this new type of constraint during the scheduling of access to the resources, the scheduling algorithms of QoS developed for the hard real time system (for example EDF, FP) and for the hard real time network (for example WFQ) must be extended. This article first presents a state of the art on the principal scheduling algorithms developed for the real time (m, k)-firm guarantee, then two algorithms of our recent work: E-DBP and (m, k)-WF2Q. We also define the notion of the gracious degradation of QoS according to (m, k)-firm and discuss its application to dynamic management of QoS in the networks.

Tao Xie,Xiao Qin

DOI: https://doi.org/10.1007/11945918_10

2006-01-01

Abstract:High quality of security is increasingly critical for applications running on heterogeneous distributed systems, where processors operate at different speeds and communication channels have different bandwidths. Although there are a few scheduling algorithms in the literature for heterogeneous distributed systems, they generally do not take into account of security requirements of applications. In this paper, we propose a novel heuristic scheduling algorithm, or SATS, which is conducive to improving security of heterogeneous distributed systems. First, we formalize a concept of security heterogeneity for our scheduling model in the context of distributed systems. Next, we devise the SATS algorithm aiming at scheduling tasks to maximize the probability that all tasks are executed without any risk of being attacked. Empirical results demonstrate that with respect to security and performance, the proposed scheduling algorithm outperforms existing approaches for heterogeneous distributed systems.

Man Lin,Yongwen Pan,Laurence T. Yang,Minyi Guo,Nenggan Zheng

DOI: https://doi.org/10.1109/tetc.2013.2274042

2013-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:Energy aware scheduling and reliability are both very critical for real-time cyber-physical system design. However, it has been shown that the transient faults of a system will increase when the processor runs at reduced speed to save energy consumption. In this paper, we study total energy and reliability scheduling co-design problem for real-time cyber-physical systems. Total energy refers the sum of static and dynamic energy. Our goal is to minimize total energy while guaranteeing reliability constraints. We approach the problem from two directions based on the two different ways of guaranteeing the reliability of the tasks. The first approach aims at guaranteeing reliability at least as high as that of without speed scaling by reserving recovery job for each scaled down task. Heuristics have been used to guide the speed scaling and shutdown techniques that are used to lower total energy consumption while guaranteeing the reliability. The second way to guarantee the reliability of the tasks is to satisfy a known minimum reliability constraint for the tasks. The minimum reliable speed guarantees the reliability level of tasks, and is used as a constraint in the energy minimization problem. Both static and dynamic co-design methods are explored. Experimental results show that our methods are effective.

Feng Xia,Liping Liu,Shanbin Li,Youxian Sun

2006-01-01

Abstract:Today's networked control systems (NCSs) increasingly feature both bandwidth constraints and workload fluctuations. With traditional static schedule, the quality of control (QoC) could be significantly degraded. In the context of control and network scheduling co-design, an integrated feedback scheduling approach to adaptive network resource allocation is suggested. To facilitate flexible QoC management in dynamic environments, a feedback control scheduler and a direct feedback scheduler are combined. The period and priority of each control loop are dynamically adjusted with respect to resource availability variations and current control requirements. The deadline miss ratio of the system is controlled at a considerably low level. In this way, the available network resources are fully utilized even when the system is underloaded and graceful QoC degradation is achieved under overload conditions. Simulation results demonstrate that the proposed approach is highly costeffective and delivers significantly improved QoC for NCSs.

Jiming Chen,Hongxia Yin,Youxian Sun

DOI: https://doi.org/10.1109/WCICA.2006.1713216

2006-01-01

Abstract:The problems relation to weakly hard real-time system have been attracted by scholars in this field. This paper summarized current static scheduling algorithms by analyzing how to select a concrete U-pattern, proposed two main issues in static scheduling and presented a simulation example of static scheduling on a network based multimedia application whose tasks achieved lower delay.

Feng Xia,Youxian Sun

DOI: https://doi.org/10.1007/11751632_59

2006-01-01

Abstract:Real-Time Dynamic Voltage Scaling (RT-DVS) has been one of the most important techniques for energy savings in battery-powered embedded systems. However, pure RT-DVS approaches rarely take into account the actual performance requirements of the target applications. With the primary goal of further reducing energy consumption while satisfying Quality of Control (QoC) requirements in real-time control systems, an enhanced dynamic voltage scaling (EDVS) scheme is suggested. Following the direct feedback scheduling methodology, EDVS exploits a QoC-aware adaptive resource allocation mechanism. It enables flexible timing constraints on control tasks, which facilitates further energy saving over pure RT-DVS. Simulation experiments argue that EDVS is highly cost-effective and can save much more energy over the optimal pure RT-DVS scheme, while providing comparable QoC.

SHI Li-bao,ZHOU Hua-feng,Peter T. C. Tam,CHANG Nai-chao,LAN Zhou,NI Yi-xin,XU Zheng

DOI: https://doi.org/10.3969/j.issn.1004-731x.2007.23.012

2007-01-01

Abstract:Mainly focusing on the study of power system dynamics, a real time dynamic security assessment and early warning (RDSAEW) system for the purpose of keeping interconnected power systems operating in security region, monitoring dynamic security margin constantly and ensuring system operation reliability was proposed. The framework of RDSAEW system was designed in accordance with Client/Server and Browser/Server operating modes based on the TCP/IP protocol. And some advanced technologies involving Visual Studio.Net, SQL Server 2000, Shell Programming and parallel computing, etc, were widely used in the design and development of RDSAEW system. On one hand, the RDSAEW system could easily and conveniently integrate with existing Energy Management System (EMS) to implement the real time dynamic security assessment. On the other hand, the RDSAEW system could make intensive dynamic analysis related to the specified case study as an off-line simulation platform.

Yonghui Huang,Yan Ma,Zhaowen Lin,Shuyue Wang,Bowen Xie

DOI: https://doi.org/10.1142/s0218126622500426

2021-01-01

Abstract:By endowing network with the ability of reliable scheduling of security resources, it can realize the dynamic deployment of security resources as well as the efficient configuration of protection resources, and further can quickly respond to network security threats and emergencies timely. Furthermore, due to the network is increasingly complex, it is of great importance to make it reliable by invoking appropriate security resources. However, the security mechanism and response speed of traditional network based on security domain division, network boundary protection are hard to meet the requirements of the virtual network. In this paper, we propose the SDN-empowered reliable and dynamic scheduling scheme for security resources. In the scheme, we use network security resource virtualization technology to virtualize and modularize network security software and hardware resources; at the SDN control layer, we propose meta-security function combination technology to provide on-demand customization for various security applications’ security service; by using role-based conflict detection and conflict resolution technology, we can detect and handle security rule conflicts. The experiments show that the scheme is reliable and efficient with low latency and great throughput.

TingYu Jiang,YaHui Li,Yuan Dong

DOI: https://doi.org/10.1109/cis.2014.161

2014-01-01

Abstract:Security has been a serious concern in more and more embedded systems. But restricted by the constrained resources in embedded system, security may damage the system real-time performance, we refer to this challenge as the "security real-time gap". To bridge this gap, trusted computing technology can be a good candidate, however, researches focusing on real-time performance in embedded systems employing trusted computing is still blank. In this paper, we investigate the dynamic scheduling of hybrid tasks with trusted computing constraint, and present a hybrid tasks model to describe the tasks which need trusted computing resources and a strategy to manage the trusted requests. Furthermore, an advanced dynamic hybrid task schedule algorithm based on total bandwidth server (TBS) algorithm is presented in this paper, used for enhancing responsiveness performance of aperiodic tasks. In the evaluation by simulation, the proposed method reduced average response times of the aperiodic task by up to 30.4%.

M. Pazoki,M. K. Sheikh-EL-Eslami,H. Delkhosh

DOI: https://doi.org/10.1007/s00202-023-02205-7

IF: 1.63

2024-02-17

Electrical Engineering

Abstract:The frequency security issue has become more critical in recent decades for various reasons, especially the reduced and degraded primary frequency control (PFC) response of traditional participants based on the economic incentives of generation units to earn more profit in the energy market. Since frequency security is a dynamic phenomenon, incorporating it into an optimization problem such as scheduling is complicated, especially with realistic modeling assumptions. This difficulty can be solved using a variety of solutions ranging from simple and inaccurate static methods to complex and accurate dynamic approaches. This paper proposes a competitive mechanism among participants in real-time scheduling (hour-ahead) that integrates the dynamic frequency security in the economic optimization procedure, hence enhancing the frequency security. The proposed formulation is a rescheduling scheme based on optimal power flow (OPF) which clears the energy and reserve simultaneously and considers the network constraints. Also, this mechanism uses the accurate model of the governors by including all of the influential parameters on PFC. The cutting-plane model of the nadir frequency function is used to resolve the complexity of the optimization problem. In addition, a framework for multi-objective optimization has been developed that enables the policymakers to reconcile the frequency security with the rescheduling cost. Finally, the correctness and the efficiency of the proposed framework are demonstrated from the economic and technical perspectives based on the implementation of the IEEERTS.

engineering, electrical & electronic