
Security and Reliability of Safety-Critical RTOS

  • Review Article
  • Published in: SN Computer Science

Abstract

A real-time operating system (RTOS) provides a computing environment that can react to events within a strictly defined period. Modern domain-specific embedded systems (e.g., aerospace, industrial control, defense, and medical) include safety-critical applications whose failures would result in catastrophic events. Such systems avoid general-purpose operating systems and rely on an RTOS to operate in increasingly dynamic and harsh environments. Moreover, many of these systems operate over networks, which exposes them to a variety of attacks. Hence, the reliability and the security of embedded systems running on top of an RTOS are equally important. Although research on these two crucial properties has been conducted and presented for traditional operating systems, there has been a significant research thrust on RTOS due to the recent emergence of the Internet of Things (IoT). This article presents an in-depth and systematic review of the security and reliability of safety-critical systems. We highlight best practices and recent research efforts, and assess their feasibility in the context of safety-critical RTOS. We compare the solutions qualitatively and discuss their pros and cons. We conclude the article with open research questions.



Funding

The authors did not receive any funding while conducting this work.

Author information

Corresponding author

Correspondence to Sheikh Ariful Islam.

Ethics declarations

Conflict of Interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.


About this article

Cite this article

Luna, R., Islam, S.A. Security and Reliability of Safety-Critical RTOS. SN COMPUT. SCI. 2, 356 (2021). https://doi.org/10.1007/s42979-021-00753-y

  • DOI: https://doi.org/10.1007/s42979-021-00753-y
