IRIS

Virtualization technology is nowadays adopted in security-critical embedded systems to achieve higher performance and more design flexibility. However, it also comes with new security threats, where attackers leverage timing covert channels to exfiltrate sensitive infor- mation from a partition using a trojan. This paper presents a novel approach for the exper- imental assessment of timing covert channels in embedded hypervisors, with a case study on security assessment of a commercial hypervisor product ( Wind River VxWorks MILS ), in cooperation with a licensed laboratory for the Common Criteria security certification. Our ex- perimental analysis shows that it is indeed possible to establish a timing covert channel, and that the approach is useful for system designers for assessing that their configuration is robust against this kind of information leakage.

Timing Covert Channel Analysis of the VxWorks MILS Embedded Hypervisor under the Common Criteria Security Certification / Cotroneo, Domenico; Simone, Luigi De; Natella, Roberto. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 106:(2021), p. 102307. [10.1016/j.cose.2021.102307]

Timing Covert Channel Analysis of the VxWorks MILS Embedded Hypervisor under the Common Criteria Security Certification

Cotroneo, Domenico;Simone, Luigi De;Natella, Roberto
2021

Abstract

Virtualization technology is nowadays adopted in security-critical embedded systems to achieve higher performance and more design flexibility. However, it also comes with new security threats, where attackers leverage timing covert channels to exfiltrate sensitive infor- mation from a partition using a trojan. This paper presents a novel approach for the exper- imental assessment of timing covert channels in embedded hypervisors, with a case study on security assessment of a commercial hypervisor product ( Wind River VxWorks MILS ), in cooperation with a licensed laboratory for the Common Criteria security certification. Our ex- perimental analysis shows that it is indeed possible to establish a timing covert channel, and that the approach is useful for system designers for assessing that their configuration is robust against this kind of information leakage.
2021
Timing Covert Channel Analysis of the VxWorks MILS Embedded Hypervisor under the Common Criteria Security Certification / Cotroneo, Domenico; Simone, Luigi De; Natella, Roberto. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 106:(2021), p. 102307. [10.1016/j.cose.2021.102307]
1.1 Articolo in rivista
File in questo prodotto:
File Dimensione Formato  
1-s2.0-S0167404821001310-main.pdf

solo utenti autorizzati

Tipologia: Versione Editoriale (PDF)
Licenza: Accesso privato/ristretto
Dimensione 2.12 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
2.12 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11588/851061
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 9
social impact