Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Concurrent Reactive Objects in Rust Secure by Construction
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.ORCID iD: 0000-0002-1791-535x
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
2019 (English)In: Ada User Journal, ISSN 1381-6551, Vol. 40, no 1Article in journal (Refereed) Published
Abstract [en]

Embedded systems of the IoT era face the software developer with requirements on a mix of resource efficiency, real-time, safety, and security properties. As of today, C/C++ programming dominates the mainstream of embedded development, which leaves ensuring system wide properties mainly at the hands of the programmer. We adopt a programming model and accompanying framework implementation that leverages on the memory model, type system, and zero-cost abstractions of the Rust language. Based on the outset of reactivity, a software developer models a system in terms of Concurrent Reactive Objects (CROs) hierarchically grouped into Concurrent Reactive Components (CRCs) with communication captured in terms of time constrained synchronous and asynchronous messages. The developer declaratively defines the system, from which a static system instance can be derived and analyzed. A system designed in the proposed CRC framework has the outstanding properties of efficient, memory safe, race-, and deadlock-free preemptive (single-core) execution with predictable real-time properties. In this paper, we further explore the Rust memory model and the CRC framework towards systems being secure by construction. In particular, we show that permissions granted can be freely delegated without any risk of leakage outside the intended set of components. Moreover, the model guarantees permissions to be authentic, i.e., neither manipulated nor faked. Finally, the model guarantees permissions to be temporal, i.e., never to outlive the granted authority. We believe and argue that these properties offer the fundamental primitives for building secure by construction applications and demonstrate its feasibility on a small case study, a wireless autonomous system based on an ARM Cortex M3 target.

Place, publisher, year, edition, pages
Ada Language UK Ltd. , 2019. Vol. 40, no 1
National Category
Computer Sciences
Research subject
Dependable Communication and Computation Systems
Identifiers
URN: urn:nbn:se:ltu:diva-71246Scopus ID: 2-s2.0-85067078450OAI: oai:DiVA.org:ltu-71246DiVA, id: diva2:1256722
Note

Validerad;2019;Nivå 1;2019-04-09 (inah)

Available from: 2018-10-17 Created: 2018-10-17 Last updated: 2019-06-28Bibliographically approved
In thesis
1. !secure(system) <=?=> !safe(system): On Security and Safety of Industrial Software Systems
Open this publication in new window or tab >>!secure(system) <=?=> !safe(system): On Security and Safety of Industrial Software Systems
2019 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The focus of our research work is on readily accessible, embedded, real-time development with concurrency support. To this end, we develop the Real-Time For the Masses (RTFM) programming framework with a model of computation based on tasks and resources and that stipulates a timing semantics. Typically, hard real-time requirements are a characteristic of safety-critical applications. In contrast to runtime verification, such applications primarily require static assurances concerning safety and security attributes. This thesis discusses the building blocks for a statically analyzable programming paradigm for embedded real-time applications and its implementation. Svenska kraftnät funded the research presented in this thesis and set the scope to industrial automation. Consequently, we also investigate the applicability of our RTFM framework for scheduling and resource management for the runtime environments of industrial applications. We start by reviewing relevant and well-established industry standards to build background knowledge of the state-of-the-art safety and security requirements in software development. Special attention is placed on the IEC 61131 and IEC 61499 standards for industrial software development and their programming and execution model. We show the feasibility of using IEC 61499 as a holistic, distributed, and hierarchical model with mappings from the functional layer (IEC 61499 function block networks) and safety layer (PLCopen safety function blocks) to RTFM. We also demonstrate that our Rust-based RTFM implementation enables static verification for a myriad of safety and security attributes. Moreover, our investigations reveal a mutual dependency of safety and security in the context of software systems. For this reason, we believe and argue that safety and security cannot be considered independent during the design and implementation of safety-critical applications. Upon closer examination, we even conclude that safety and security are equivalent.

 

Place, publisher, year, edition, pages
Luleå: Luleå University of Technology, 2019
Series
Doctoral thesis / Luleå University of Technology 1 jan 1997 → …, ISSN 1402-1544
Keywords
embedded systems, hard real-time, concurrency, model of computation, safety-critical, safety, security, industrial automation, RTFM, real-time for the masses
National Category
Embedded Systems
Research subject
Embedded Systems
Identifiers
urn:nbn:se:ltu:diva-73059 (URN)978-91-7790-320-8 (ISBN)978-91-7790-321-5 (ISBN)
Public defence
2019-05-08, A3024, Luleå, 13:00 (English)
Opponent
Supervisors
Available from: 2019-03-01 Created: 2019-02-27 Last updated: 2019-09-26Bibliographically approved

Open Access in DiVA

fulltext(291 kB)47 downloads
File information
File name FULLTEXT01.pdfFile size 291 kBChecksum SHA-512
23dbcf70a2836f164b4a6aa861a05f29e837a7c96bf97b1912c2ce1eaf323752e777a389267813ec28e3e46ba2b92be22caaa64bb83d7888ddafaa97539b39d9
Type fulltextMimetype application/pdf

Scopus

Authority records BETA

Lindner, MarcusLindgren, Per

Search in DiVA

By author/editor
Lindner, MarcusAparicio, JorgeLindgren, Per
By organisation
Computer Science
In the same journal
Ada User Journal
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 47 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 226 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf