Timing covert channel analysis of the VxWorks MILS embedded hypervisor under the common criteria security certification
2021; Elsevier BV; Volume: 106; Language: English
DOI: 10.1016/j.cose.2021.102307
ISSN: 1872-6208
Authors: Domenico Cotroneo, Luigi De Simone, Roberto Natella
Topic(s): Physical Unclonable Functions (PUFs) and Hardware Security
Abstract: Virtualization technology is nowadays adopted in security-critical embedded systems to achieve higher performance and more design flexibility. However, it also comes with new security threats, where attackers leverage timing covert channels to exfiltrate sensitive information from a partition using a trojan. This paper presents a novel approach for the experimental assessment of timing covert channels in embedded hypervisors, with a case study on security assessment of a commercial hypervisor product (Wind River VxWorks MILS), in cooperation with a licensed laboratory for the Common Criteria security certification. Our experimental analysis shows that it is indeed possible to establish a timing covert channel, and that the approach is useful for system designers for assessing that their configuration is robust against this kind of information leakage.