Expiring opacity problems in parametric timed automata
Étienne André, Engel Lefaucheux, Dylan Marinho
TL;DR
The set of time bounds (or expiration dates) for which a system is opaque and when they can be effectively computed for timed automata are considered and the decidability of several parameterized problems are studied, when not only the bounds, but also some internal timing constants become timing parameters of unknown constant values.
Abstract
Information leakage can have dramatic consequences on the security of real-time systems. Timing leaks occur when an attacker is able to infer private behavior depending on timing information. In this work, we propose a definition of expiring timed opacity w.r.t. execution time, where a system is opaque whenever the attacker is unable to deduce the reachability of some private state solely based on the execution time; in addition, the secrecy is violated only when the private state was entered "recently", i.e., within a given time bound (or expiration date) prior to system completion. This has an interesting parallel with concrete applications, notably cache deducibility: it may be useless for the attacker to know the cache content too late after its observance. We study here expiring timed opacity problems in timed automata. We consider the set of time bounds (or expiration dates) for which a system is opaque and show when they can be effectively computed for timed automata. We then study the decidability of several parameterized problems, when not only the bounds, but also some internal timing constants become timing parameters of unknown constant values.