,
Risat Mahmud Pathan
Creative Commons Attribution 4.0 International license
Periodic parallel task models, such as Directed Acyclic Graph (DAG), offer significant potential for modeling safety-critical real-time applications, but can introduce security vulnerabilities on multicore platforms. The deterministic schedules of periodic real-time tasks can be exploited through schedule-based side-channel attacks - causing missed deadlines or leaking sensitive information. Schedule randomization can address this vulnerability, yet existing work targets sequential tasks and lacks models that incorporate security for parallel workloads while meeting the real-time constraints. Furthermore, no widely accepted metric quantitatively measures the security gained from randomization against different attacker classes. This paper proposes Controlled DAG Randomization (CDR), a scheduler-oblivious framework that randomizes the schedule of periodic real-time DAG tasks while preserving hard deadline guarantees. Each DAG is transformed into an Augmented DAG (ADAG) via two mechanisms: dependency augmentation, which adds edges to constrain concurrency, and temporal augmentation, which inserts additional vertices/subtasks that introduce random delays. At runtime, two algorithms randomize the structure of each released instance of the DAG: one adds random precedence edges, and the other assigns randomized execution budgets to the augmented subtasks of the ADAG - both while maintaining schedulability. Two attacker-aware metrics, System Threat and Task Distribution Entropy, are proposed, targeting intrusive and observation-based attackers, respectively. Extensive simulations on single- and multi-task systems show significant vulnerability reductions. We also observe that increased resources do not always strengthen security and can diminish randomization effectiveness, highlighting the need for carefully designed schedules to realize real security benefits.
@InProceedings{zhang_et_al:LIPIcs.ECRTS.2026.9,
author = {Zhang, Xiuqi and Pathan, Risat Mahmud},
title = {{Randomizing Parallel Real-Time Tasks: A Scheduler-Oblivious Mechanism to Harness Security}},
booktitle = {38th European Conference on Real-Time Systems (ECRTS 2026)},
pages = {9:1--9:25},
series = {Leibniz International Proceedings in Informatics (LIPIcs)},
ISBN = {978-3-95977-429-1},
ISSN = {1868-8969},
year = {2026},
volume = {375},
editor = {Kritikakou, Angeliki},
publisher = {Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
address = {Dagstuhl, Germany},
URL = {https://drops.dagstuhl.de/entities/document/10.4230/LIPIcs.ECRTS.2026.9},
URN = {urn:nbn:de:0030-drops-266014},
doi = {10.4230/LIPIcs.ECRTS.2026.9},
annote = {Keywords: Real-time systems, DAG scheduling, side-channel defense}
}