Real Time Operating System (RTOS) — Security and Protection

One of the foremost important components that enter today’s embedded systems is that the “RTOS” or “real-time OS,” which is liable for everything from scheduling tasks to enabling high-level languages like C and Python. it’s a critical component for ensuring predictable and timely execution on embedded devices like those utilized in IoT, robotics, and digital communication systems.

Automated missiles and space satellites are also powered by RTOS these days. Thus, its goals are to supply facilities for time-constrained applications that has got to execute within a particular time- frame while minimizing delays like latencies caused by interrupts and switching threads.As a result, real-time performance is the main criterion in the evaluation of RTOS for most of the applications.

There is a chance of compromising security aspect for attaining better performance efficiency. This compromise in security may lead to disasters as any breach in security can lead to operational errors.

There are two main aspects of the security of RTOS. First is the security within the RTOS i.e. the ability to keep processes separate so one task does not interrupt another. This aspect also affects the stability of the system as any threat may lead the system to fall into an unknown state and cause a system failure.

The second one is related to the networking of RTOS. In the modern era of IoT, RTOS rarely operates alone. It usually controls certain automated machinery and is often linked to a monitoring system that connects to other RTOS for the management of an entire facility. These networks are often referred to as supervisory control and data acquisition (SCADA) or distributed control system (DCS). Therefore, the security of both intra RTOS and inter RTOS communication is of utmost importance.

VxWorks is a real-time operating system used in a variety of IoT devices. A wide sort of industries believe VxWorks to run their critical devices in their daily operations — from healthcare to manufacturing and even security businesses.

This RTOS was found to have 11 vulnerabilities by ARMIS-a IoT device security firm in July 2019, including six critical vulnerabilities, collectively branded URGENT/11. This bug exposed 200 million critical devices. The bug potentially allowed remote attackers the ability to gain full control over an affected device, according to research from security firm Armis.

There can be various ways in which the system can be attacked :

Code injection is the most common and dangerous cyber attack. This attack is implemented by feeding and running arbitrary codes on a computer or real-time operating system. The attackers aim to urge control of your program and alter its command flow also as trigger the program to execute malicious codes.

Some RTOSs lack memory management units. They believe a flat shared memory unit to interchange communication. The message sharing platform is sort of a board where people write messages and their replies. If the incorrect person gets to the message and alters it before the proper person reads it, it might end in a system crash. That is how unmanaged shared memory threatens your system’s security

This normally occurs when a process is denied memory access or resource access, due to a simultaneous ongoing process. For example, if one program takes up more memory, it denies other programs their required memory amount; or if a program hangs an endless loop, other programs lack adequate CPU time. This can be caused by bad programming, a virus, or a hacker who can access the system externally.

In RTOS different processes running simultaneously sometimes need to share resources such as I/O or memory. And the access to these resources is given based on the priority. So mutual exclusion (to avoid context switching) and process priority methods try to solve data and processor sharing problems respectively. But both methods applied at the same time give rise to an issue called priority inversion, which leads to inconsistency.

Though encryption of data is considered one of the ways to secure data while transmission, there are high chances that this data can be intercepted, decrypted, and altered using various techniques. There are techniques such as hashing for more secure data transmission, but embedded systems find it costlier due to the high computational power and memory requirements.

A real-time OS relies on messaging queues to transfer information. Most RTOSs lack protocol to make sure that messages are from safe and bonafide sources. As long because the messages are delivered via a legitimate handle, they’re going to be implemented.A real-time OS accelerates the event schedules and makes the working of any system more efficient. like any technology, however, it’s critical to make sure that each one security gaps are sealed before an attack hinders the operations and therefore the system faces a catastrophic disaster.

Solutions to these attacks :

There are a couple of ways in which may help to form RTOS safer by resolving the safety problems and protecting the system:

The Multiple Independent Level of Security method is a highly preferred framework to resolve security issues. It mainly works on the principle of divide-and-conquer, where a process is divided into multiple independent levels, and applying security protocols to independent kernels. This not only resists the attackers from cracking the system but also isolates the fault, which means that the failure of one partition would not affect the other.

The RTOS system should have a secure identification and authorization mechanism in place to verify a user If users aren’t properly identified and authenticated, then the embedded device is potentially susceptible to access by unauthorized users. User accounts within an embedded device shouldn’t be static in nature. Features that allow separation of user accounts for internal web management, internal console access, also as remote web management and remote console access should be available to stop automated malicious attacks.

RTOS network firewall –

Modern RTOS have network firewall capabilities and any device with a network connection should run with a firewall in place. Firewalls are standard practice for desktop and server systems — embedded devices are increasingly connected to the same networks as larger-scale devices. The firewall should only allow communication via required TCP/IP ports — a firewall is a good first line of defense against network attacks. The firewall ensures all non-essential ports and services are closed off and only allows ports that are specifically configured to be open and available for connection.

Sufficient allocation of storage space :

Quotas are a security control that’s implemented to guard the device from running out of disk, memory, or CPU. As an example, if a DDOS attack is formed against the RTOS system with the intent of overusing the CPU, an unprotected device could essentially appear to freeze up. By being able to set limits on the number of critical resources –such as CPU — a task is able to consume, the overall system is protected from such an attack.

Secure Data Storage :

RTOS system should have capabilities to store data securely using techniques such as encryption and partitioning. No assumptions should be made about the classification and privacy of data used in RTOS systems.

RTOS are developed considering the time, space, computational cost constraints. The rise in its use, access, and networking have created the need for securing the system. The security of an RTOS starts at its design and development phase. In this way, software professionals attempt to build software that can withstand attacks proactively.

BY - Swaraj, Hrishikesh, Mitul, Rushab, Shaurya