|Abstract:||Cyber-physical systems (CPS) such as automobiles, power plants, avionics systems, unmanned vehicles, medical devices, manufacturing and home automation systems have distinct cyber and physical components that must work cohesively with each other to ensure correct operation. Many cyber-physical applications have “real-time” constraints, i.e., they must function correctly within predetermined time scales. A failure to protect these systems could result in significant harm to humans, the system or even the environment. While traditionally such systems were isolated from external accesses and used proprietary components and protocols, modern CPS use off-the-shelf components and are increasingly interconnected, often via networks such as the Internet. As a result, they are exposed to additional attack surfaces and have become increasingly vulnerable to cyber attacks. Enhancing security for real-time CPS, however, is not an easy task due to limited resource availability (e.g., processing power, memory, storage, energy) and stringent timing/safety requirements. Security monitoring techniques for cyber-physical platforms (a) must execute with existing real-time tasks, (b) operate without impacting the timing and safety constraints of the control logic and (c) have to be designed and executed in a way that an adversary cannot easily evade it. The objective of my research is to increase security posture of embedded real-time CPS by integrating monitoring/detection techniques that defeat cyber attacks without violating timing/safety constraints of existing tasks. My dissertation work explores the real-time security domain and shows that by employing a combination of multiple scheduling/analysis techniques and interactions between hardware/software-based security extensions, it becomes feasible to integrate security monitoring mechanisms in real-time CPS without compromising timing/safety requirements of existing tasks. In this research, I (a) develop techniques to raise the responsiveness of security monitoring tasks by increasing their frequency of execution, (b) design a hardware-supported framework to prevent falsification of actuation commands — i.e., commands that control the state of the physical system and (c) propose metrics to trade-off security with real-time guarantees. The solutions presented in this dissertation require minimal changes to system components/parameters and thus compatible for legacy systems. My proposed frameworks and results are evaluated through both, simulations and experiments on real off-the-shelf cyber-physical platforms. The development of analysis techniques and design frameworks proposed in this dissertation will inherently make such systems more secure and hence, safer. I believe my dissertation work will bring researchers and system engineers one step closer to understand how to integrate two seemingly diverse yet important fields — real-time CPS and cyber-security — while gaining a better understanding of both areas.