The ACROSS Integrity Model

Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 247)


In this chapter we discuss the application of integrity models in a mixed-criticality system to enable the secure sharing of information. The sharing of resources and information in computer systems enables cost savings. The major technical challenge of these systems is simple: low criticality applications must be prevented from interfering with high criticality ones which execute in the same system. An example for such an integrated architecture is the the ACROSS MPSoC architecture which facilitates the implementation of hard real-time systems. We present an integrity model for the secure exchange of information between different levels of criticality within ACROSS. Our approach is based on Totel’s integrity model which proposes to upgrade information from low to high by rigorously validating this information. We were able to show that the encapsulation mechanisms of the ACROSS architecture support the implementation of the proposed integrity model.


ACROSS architecture Integrity model Mixed-criticality Resource sharing Security policy Totel’s model 



This document is based on the ACROSS project in the framework of the ARTEMIS program. The work has been funded in part by the ARTEMIS Joint Undertaking and National Funding Agencies under the funding ID ARTEMIS-2009-1-100208.


  1. 1.
    Avizienis A, Laprie JC, Randell B, Landwehr C (2004) Basic concepts and taxonomy of dependable and secure computing. IEEE Trans Dependable Secure Comput 1(1):11–33CrossRefMATHGoogle Scholar
  2. 2.
    Avizienis AA (1995) The methodology of N-version programming. In: Lyu M (ed) Software fault tolerance. Wiley, New York, pp 23–46Google Scholar
  3. 3.
    Banerjee A, Kumar V (2009) Anomaly detection: a survey. Technical report, ACM computing surveyGoogle Scholar
  4. 4.
    Bell DE, LaPadula LJ (1975) Computer security model: unified exposition and multics interpretation. Technical report, MITRE Corp., BedfordGoogle Scholar
  5. 5.
    Biba KJ (1977) Integrity considerations for secure computer systems. Mitre Corporation, technical reportGoogle Scholar
  6. 6.
    Boettcher C, DeLong R, Rushby J, Sifre W (2008) The MILS component integration approach to secure information sharing. In: Proceedings of the 27th digital avionics systems conference (DASC). IEEE/AIAAGoogle Scholar
  7. 7.
    Burton D, Delaney A, Newstead S, Logan D, Fields B (2004) Effectiveness of ABS and vehicle stability control systems. Technical report, Royal Automobile Club of Victoria (RACV) LtdGoogle Scholar
  8. 8.
    Commission I.E.: IEC 61508 (2005) Functional safety of electrical/electronic/programmable electronic safety-related systems. In: 1st IEEE automotive electronics conference, pp 7–13Google Scholar
  9. 9.
    El-Salloum C, Elshuber M, Höftberger O, Isakovic H, Wasicek A (2012) The ACROSS MPSoC - a new generation of multi-core processors designed for safety-critical embedded systems. In: Proceedings of the 15th euromicro conference on digital systems design (DSD)Google Scholar
  10. 10.
    Evans DL, Bond PJ, Bement AL (2001) Security requireents for cryptographic modules. Federal Information Processing Stabdards Publication (Supercedes FIPS PUB 140–1)Google Scholar
  11. 11.
    Kopetz H (1995) Why time-triggered architectures will succeed in large hard real-time systems. In: FTDCS, pp 2–9Google Scholar
  12. 12.
    Kopetz H (2011) Real-time systems: design principles for distributed embedded applications, 2nd edn. Springer, BerlinGoogle Scholar
  13. 13.
    Laarouchi Y, Deswarte Y, Powell D, Arlat J (2003) Connecting commercial computers to avionics systems. In: 28th digital avionics systems conference pp 6.D.1-(1–9)Google Scholar
  14. 14.
    Lampson B, Abadi M, Burrows M, Wobber E (1992) Authentication in distributed systems: theory and practice. ACM Trans Comput Syst 10(4):265–310CrossRefGoogle Scholar
  15. 15.
    Lorczak PR, Caglayan AK, Eckhardt DE (1989) A theoretical investigation of generalized voters for redundant systems. In: Digest of papers FTCS-19: the nineteenth international symposium on fault-tolerant, computing, pp 444–450Google Scholar
  16. 16.
    Matteucci M (2000) Hierarchical clustering algorithms. Available at: al.html
  17. 17.
    Morgan C (2002) Preliminary report: the incidence rate of odometer fraud. Technical report DOT HS 809 441, national highway traffic safety administration (NHTSA)Google Scholar
  18. 18.
    Obermaisser R, El Salloum C, Huber B, Kopetz H (2009) From a federated to an integrated automotive architecture. IEEE Trans Comput Aided Des Integr Circ Syst 28(7):956–965CrossRefGoogle Scholar
  19. 19.
    Subramaniam S, Palpanas T, Papadopoulos D, Kalogeraki V, Gunopulos D (2006) Online outlier detection in sensor data using non-parametric models. In: Proceedings of the 32nd international conference on very large data bases (VLDB), pp 187–197Google Scholar
  20. 20.
    Totel E, Blanquart JP, Deswarte Y, Powell D (2000) Supporting multiple levels of criticality. ESPRIT project 20716: GUARDSGoogle Scholar
  21. 21.
    Wasicek A, Mair T (2012) Secure information sharing in mixed-criticality systems. In: Lecture notes in engineering and computer science: proceedings of the world congress on engineering and computer science 2012, IAENG, pp 23–29Google Scholar
  22. 22.
    Wasicek A, Salloum CE (2010) A system-on-a-chip platform for mixed-criticality applications. In: Proceedings of 13th IEEE international symposium on object/component/service-oriented real-time distributed computing (ISORC)Google Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2014

Authors and Affiliations

  1. 1.Vienna University of TechnologyInstitute for Computer EngineeringViennaAustria

Personalised recommendations