Research And Design Of Secure Embedded Operating System Face To Power

Embedded systems have a broad application base in field of power,as the expansion of the scale and the improvement of automation,power system has increasing demands for reliability,security of substation monitoring and protection system.However,due to the conditions of embedded systems own,their security capacities are limited,and information security systems face enormous challenges. Security operating system development is at a preliminary stage in embedded operating system area.Embedded operating systems at home and abroad presently pay major attantions to their real-time and stability,and don't make many considerations to security,which can not meet the more pressing security requriment of system obviously.Paper chooses sub-station system of power as the design object.Construct a secure embedded system applied to power field,which assure safety of the system information.System design use the architecture combing micro-core model and hierarchical model,brought the target system with modular and reliable characteristics,it make the smallest changes to the original core as possible to meet the electricity system requirements of real-time control and stability.In formal design of access control,paper research and analysis various security strategy models,focus on the particularity of secure models applications on the embedded system.Finally based on the BLP,redesign a new secure model namedμBLP,which is suitable to embedded system,and use Z language to standardize the description of the model,to proof it's correctness in further work.The formal design is to meet the higher level of security standards.Paper choosesμC/OS-Ⅱas development prototype.Based on the framework of system,accomplish design of the system overall.As the core of operating system,is the focus of whole design,in its implementation of access control,taking into account the impact of real-time and stability when apply secure strategy,paper introduce a buffer decision-making mechanism.Concrete implement divide secure kernel into some parts,security monitors,strategy cache,arbitration server,and audit module,these sub-modules are coded detailedly.Based on the secure kernel,finally analysis and design the subsystems,including file system and network system,give module relations of the expansion level and memory management specially.In the test phrase,build the test platform,according to the pre-designed security strategy,develop test solutions,and get the target system performance indicators to make quantitative analysis according test results.Test results show that the access to objects in kernel is according with the security policies pre-developed,secure kernel run stable,and the negative effect on real-time system performance does not exceed the original target of 10%.