This paper addresses time-based information leakage in dataflow-driven real-time systems, investigating whether a low-priority “observer” task can infer the timing behavior of high-priority “victim” tasks—particularly their critical execution modes—by monitoring its own response times. We propose the first side-channel inference method tailored to multimodal real-time tasks, combining response-time statistical modeling with hypothesis testing to systematically quantify timing leakage risks associated with typical and critical execution modes. Evaluated on Raspberry Pi 4, an industrial robot platform, and the ArduPilot UAV task set, our approach achieves a false positive rate below 25%, incurs only 1 MB memory overhead, and maintains end-to-end latency ≤50 ms. The work establishes the first lightweight, deployable, cross-platform empirical framework for side-channel security analysis in real-time systems.

Leaking information about the execution behavior of critical real-time tasks may lead to serious consequences, including violations of temporal constraints and even severe failures. We study information leakage for a special class of real-time tasks that have two execution modes, namely, typical execution (which invokes the majority of times) and critical execution (to tackle exceptional conditions). The data flow-driven applications inherit such a multimode execution model. In this paper, we investigate whether a low-priority"observer"task can infer the execution patterns of a high-priority"victim"task (especially the critical executions). We develop a new statistical analysis technique and show that by analyzing the response times of the low-priority task, it becomes possible to extract the execution behavior of the high-priority task. We test our approach against a random selection technique that arbitrarily classifies a job as critical. We find that correlating the observer's response times with the victim's jobs can result in higher precision in identifying critical invocations compared to a random guess. We conduct extensive evaluations with systemically generated workloads, including a case study using a UAV autopilot (ArduPilot) taskset parameters. We found that our inference algorithm can achieve relatively low false positive rates (less than 25%) with relatively low footprint (1 MB memory and 50 ms timing overhead on a Raspberry Pi 4 platform). We further demonstrate the feasibility of inference on two cyber-physical platforms: an off-the-shelf manufacturing robot and a custom-built surveillance system.