Performance monitor counters: Interplay between safety and security in complex cyber-physical systems

Recent years have witnessed the growth of the adoption of cyber-physical systems (CPSs) in many sectors, such as automotive, aerospace, civil infrastructures, and healthcare. Several CPS applications include critical scenarios, where a failure of the system can lead to catastrophic consequences. Therefore, anomalies due to failures or malicious attacks must be detected timely. This paper focuses on two relevant aspects of the design of a CPS: 1) safety and 2) security. It analyzes in a specific scenario how the performance monitor counters (PMCs) available in several commercial microprocessors can be from the one hand a valuable tool to enhance the safety of a system and, on the other hand, a security backdoor. Starting from the example of a PMC-based safety mechanism, this paper shows the implementation of a possible attack and eventually proposes a strategy to mitigate the effectiveness of the attack while preserving the safety of the system.