English

Mitigating Timing-Based Attacks in Real-Time Cyber-Physical Systems

Systems and Control 2026-02-04 v1 Operating Systems Systems and Control

Abstract

Real-time cyber-physical systems depend on deterministic task execution to guarantee safety and correctness. Unfortunately, this determinism can unintentionally expose timing information that enables adversaries to infer task execution patterns and carry out timing-based attacks targeting safety-critical control tasks. While prior defenses aim to obscure schedules through randomization or isolation, they typically neglect the implications of such modifications on closed-loop control behavior and real-time feasibility. This work studies the problem of securing real-time control workloads against timing inference attacks while explicitly accounting for both schedulability constraints and control performance requirements. We present a scheduling-based mitigation approach that introduces bounded timing perturbations to control task executions in a structured manner, reducing adversarial opportunities without violating real-time guarantees. The framework jointly considers worst-case execution behavior and the impact of execution delays on control performance, enabling the system to operate within predefined safety and performance limits. Through experimental evaluation on representative task sets and control scenarios, the proposed approach demonstrates that exposure to timing-based attacks can be significantly reduced while preserving predictable execution and acceptable control quality.

Keywords

Cite

@article{arxiv.2602.03757,
  title  = {Mitigating Timing-Based Attacks in Real-Time Cyber-Physical Systems},
  author = {Arkaprava Sain and Sunandan Adhikary and Soumyajit Dey},
  journal= {arXiv preprint arXiv:2602.03757},
  year   = {2026}
}

Comments

12 pages, 10 figures

R2 v1 2026-07-01T09:34:40.341Z