Exception-Driven Security: A Risk-Aware Permission Adjustment for High-Availability Embedded Systems

Mina Soltani Siapoush and Jim Alves-Foss
Additional contact information
Mina Soltani Siapoush: Center for Secure and Dependable Systems (CSDS), University of Idaho, Moscow, ID 83844, USA
Jim Alves-Foss: Center for Secure and Dependable Systems (CSDS), University of Idaho, Moscow, ID 83844, USA

Mathematics, 2025, vol. 13, issue 20, 1-24

Abstract: Real-time operating systems (RTOSs) are widely used in embedded systems to ensure deterministic task execution, predictable responses, and concurrent operations, which are crucial for time-sensitive applications. However, the growing complexity of embedded systems, increased network connectivity, and dynamic software updates significantly expand the attack surface, exposing RTOSs to a variety of security threats, including memory corruption, privilege escalation, and side-channel attacks. Traditional security mechanisms often impose additional overhead that can compromise real-time guarantees. In this work, we present a Risk-aware Permission Adjustment (RPA) framework, implemented on CHERIoT RTOS, which is a CHERI-based operating system. RPA aims to detect anomalous behavior in real time, quantify security risks, and dynamically adjust permissions to mitigate potential threats. RPA maintains system continuity, enforces fine-grained access control, and progressively contains the impact of violations without interrupting critical operations. The framework was evaluated through targeted fault injection experiments, including 20 real-world CVEs and 15 abstract vulnerability classes, demonstrating its ability to mitigate both known and generalized attacks. Performance measurements indicate minimal runtime overhead while significantly reducing system downtime compared to conventional CHERIoT and FreeRTOS implementations.

Keywords: real-time operating systems (RTOSs); system call; FreeRTOS; Capability Hardware Enhanced RISC Instructions (CHERI); access control; permission adjustment; risk
JEL-codes: C
Date: 2025

Downloads: (external link)
https://www.mdpi.com/2227-7390/13/20/3304/pdf (application/pdf)
https://www.mdpi.com/2227-7390/13/20/3304/ (text/html)

Persistent link: https://EconPapers.repec.org/RePEc:gam:jmathe:v:13:y:2025:i:20:p:3304-:d:1772626

Mathematics is currently edited by Ms. Emma He

Bibliographic data for series maintained by MDPI Indexing Manager.

 
Page updated 2025-11-15
Handle: RePEc:gam:jmathe:v:13:y:2025:i:20:p:3304-:d:1772626