Research On Embedded Real-time System' Survivability

With the extensive application of embedded real-time system, traditional information system security technologies which used ideas of "defense" or "inspection" such as Firewall, Intrusion Detection Systems have been unable to meet security needs because of increasing the overall risk of system. Survivability breaks through the traditional security concept of information system and realizes its security from a new point of "coexistence". It emphasizes the capability of a system to fulfill its mission in a timely manner, in the presence of attacks, failures, or accidents. Once encounters invasion attacks, accidents or other catastrophic incidents during operation, if not necessary remedial measures, embedded real-time system will inevitably fail to complete tasks on time and result in huge losses. In this paper, so we start the survivability research from perspective of design and analysis.In this paper, firstly we elaborate the related researches on information system's survivability home and aboard and bring forward a survivable specification of embedded real-time system. Secondly, we lay heavy stress on two sorts of survivability design methods and put forward an enhancement design method which based on intrusion tolerance technology to realize survivability design. On the other hand, we put up an appropriate survival analysis framework for embedded real-time system and analyze survivability of a concrete simple. Specifically, the main work of the paper includes:1. Analyzing and researching systematization on survivability theories home and aboard. Then we introduce the background and the features of survivability and so on. On the other hand, we compare it with other attributes of system such as Safety, Reliability. Through analyzing and researching on those interrelated theory of survivability, we can clarify the development direction of survivability.2. Bringing forward a survivable specification of embedded real-time system. The definition of survivability is now available up to 40. However, the most are only qualitative description of survivability properties. These definitions can not provide a standard for developer to detennine whether a system is survivable or not. The survivable specification brought forward by us can quantify the system survivability and contributes to assessment and quantitative analysis of survivability of embedded real-time system.3. Choosing intrusion tolerance technology to realize survivability design of embedded real-time system on the basis of deep study in the two kinds of design methods of information system's survivability. Through a sample of embedded mobile video-on-demand system, we describe in detail this survivable design method. Module of intrusion tolerance uses redundancy recovery strategy can effectively improve the system capacity to survivability.4. Setting up an appropriate survival analysis framework for embedded real-time system for better analyzable job. The analysis framework proposed is an improvement to four-step analysis SNA. It includes the definition of services specification sets of survivability, the establishment of relations mapping model, the identification of key services and components and so on. The analysis framework includes all definitions and classifications of analytical process of the entire embedded real-time system. At last we facilitate the analysis process with standardization and simplification.5. Applying the analysis framework to analyze survivability of a simple embedded mobile video-on-demand system and verifying the reasonableness and feasibility of survival analysis framework. The final analysis results point out the loopholes of the system, which will help system users to improve the system functions.