| With the rapid development of communication network technology and integrated circuit design, distributed embedded (Distributed Embedded, DE) systems has being developed to the direction of large-scale, complex and heterogeneous. At the same time, network intrusion endless manner, network security issues are concerned by more and more people. Using traditional security technologies can not realize a system of resist any failures or invasion, while using the system based on tolerate intrusion technology, triggering system tolerance mechanisms when come invasion, it can prevent invasion threat to the system, therefore intrusion tolerance technology has attracted many researchers attention.Replication and voting mechanism are two key technologies of realization system intrusion tolerance. it can improve reliability and availability of system. In this paper, study these two key technologies according to the characteristics of distributed embedded system, and improve to make it suitable for the environmental requirements of distributed embedded system, strengthen tolerance ability of distributed embedded systems.The main contributions of this paper include:1. Conducted a study and improvement on the replication, analyzed the existing intrusion-tolerant system replication priority. Based on the shortcomings, for the DE system real-time, limited resources, features, and with the goal of intrusion tolerance system, designed a semi-active replication technology based on partial copy technology. At the same time take a qualitative analysis of the technology.2. This paper analyzed disadvantages of voting mechanism in the existing intrusion tolerant technology and proposed a new mechanism based on self-test and historical information.3. Used the method of simulation experiment to analyzed the performance of both technologies designed in this paper.First of all, the vote algorithm proposed in the paper and the reliability of weights based on a copy of the voting algorithm on the system reliability were tested and compared; Then copy the design in this paper and voting technology and active replication and majority voting technology for the comparative test including response time to user requests and system resources utilization. Simulation results show that semi-active replication technology based on partial replication can not only reduce the system overhead, but also meet the requirements of real-time DE system. Voting algorithm based on self-test and historical information succeeds in solving the problem of the current voting method in some cases that result can not be output,reach DE system requirements on service continuity, improve the success rate of voting and shortens the waiting time to vote. |
PDF Full Text Request