Metasploit for Cyber-Physical Security Testing with Real-Time Constraints

Metasploit is a framework for cybersecurity testing. The Metasploit Framework provides the Hardware Bridge API to enable security testing of cyber-physical systems. Cyber-physical systems and tests/attacks on the systems are subject to real-time constraints. Hence, this research aims to study the timing characteristics of tests implemented using the framework. Several factors, such as the programming language used to write tests, overhead added by the framework, scheduling policies etc., affect the latency and jitter. This paper considers the Controller Area Network used in automotive systems to study the effect of those factors on the timing characteristics. The study evaluates (i) latency and jitter for transmission and reception of the messages in the network and (ii) the jitter in the periodicity in periodic transmission of messages. Based on the results, the study determines the best combination of the factors to minimize the latency and jitter in the tasks considered. The paper performs a case study on actual tests/attacks subject to real-time constraints and analyses the suitability of executing the tests using Metasploit. The study analyses the performance of tasks implemented as Metasploit modules and shows how choices of some factors can significantly improve the temporal characteristics without modifying the Metasploit Framework. The experimental results show some interesting findings related to Ruby and the Metasploit Framework.