In this paper, we show that a single, maliciously controlled vehicle can destabilize a vehicular platoon, to catastrophic effect, through local modifications to the prevailing control law. Specifically, by combining changes to the gains of the associated law with the appropriate vehicle movements, the attacker can cause the platoon to oscillate at a resonant frequency, causing accidents that could result in serious injury or death. We determine the range of gains, and their corresponding frequencies, that allow an attacker to violate the string stability and stability criteria at different positions in the platoon. Furthermore, we prove that the attack can be successful at any position in the platoon and at frequencies that can be realized by the other vehicles in the platoon. Our work implies that neither the string stability nor stability conditions, when used singly, ensure proper platoon operation, and that neither can be used to ensure the other. Finally, we show that an attacker is theoretically capable of gaining control over the individual position and velocity (states) of other vehicles in the platoon; two attacks are demonstrated for this vulnerability.
Schedule randomization is one of the recently introduced security defenses against schedule-based attacks, i.e., attacks whose success depends on a particular ordering between the execution window of an attacker and a victim task within the system. It falls into the category of information hiding (as opposed to deterministic isolation-based defenses) and is designed to reduce the attacker's ability to infer the future schedule. This paper aims to investigate the limitations and vulnerabilities of schedule randomization-based defenses in real-time systems. We first provide definitions, categorization, and examples of schedulebased attacks, and then discuss the challenges of employing schedule randomization in real-time systems. Further, we provide a preliminary security test to determine whether a certain timing relation between the attacker and victim tasks will never happen in systems scheduled by a fixed-priority scheduling algorithm. Finally, we compare fixed-priority scheduling against schedule-randomization techniques in terms of the success rate of various schedule-based attacks for both synthetic and realworld applications. Our results show that, in many cases, schedule randomization either has no security benefits or can even increase the success rate of the attacker depending on the priority relation between the attacker and victim tasks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.