Thread Homeostasis: Real-Time Anomalous Behavior Detection for Safety-Critical Software
share
Safety-critical systems must always have predictable and reliable behavior, otherwise systems fail and lives are put at risk. Even with the most rigorous testing it is impossible to test systems using all possible inputs. Complex software systems will often fail when given novel sets of inputs; thus, safety-critical systems may behave in unintended, dangerous ways when subject to inputs combinations that were not seen in development. Safety critical systems are normally designed to be fault tolerant so they do not fail when given unexpected inputs. Anomaly detection has been proposed as a technique for improving the fault tolerance of safety-critical systems. Past work, however, has been largely limited to behavioral parameter thresholds that miss many kinds of system deviations. Here we propose a novel approach to anomaly detection in fault-tolerant safety critical systems using patterns of messages between threads. This approach is based on techniques originally developed for detecting security violations on systems with UNIX-like system call APIs; here we show that they can be adapted to the constraints of safety critical microkernel-based hard real-time systems. We present the design, implementation, and initial evaluation of tH (thread Homeostasis) implemented on a QNX-based self-driving car platform.
READ FULL TEXT