| The network formed by the information equipment on naval vessels is physically isolated from the outside world and is built from specialized software and hardware. Because of this isolation and the specialized equipment, the network on naval vessels is relatively closed. The new network attacks on industrial control systems, nuclear facilities and military systems indicate that isolated networks are fragile. Traditional information security technology has been unable to prevent attacks against intranet terminals, which has a serious impact on national security. Trusted computing provides a good method for solving this problem. At present, trusted computing technology has been applied to general-purpose systems, providing an effective system-level security enhancement method for PCs, servers and mobile equipment. However, the feasibility of applying trusted computing technology to information equipment with high real-time requirements still needs to be verified. The work of this dissertation is to design and implement a trusted real-time system. Tests are needed to examine the real-time impact on the system after vTPM is turned on. Based on the characteristics of trustworthiness and real-time behavior, there were two ways to realize the trusted real-time system. The first scheme was based on a Host OS and a Guest OS: the Host OS was implemented with vTPM and the Guest OS was patched with Xenomai to gain real-time performance. The second scheme used vTPM to enhance the security of the general-purpose OS, together with real-time preemption to realize its real-time character. In the second scheme, system tuning was used to improve the real-time performance of the vTPM process, tpmd. The first trusted real-time system was implemented by building vTPM, TPM virtualization in the Host OS and real-time transformation in the Guest OS. The second trusted real-time system was implemented by building vTPM, Linux real-time preemption and system tuning. In the testing part, the trusted real-time system based on Xenomai was used to examine the real-time performance of the system after vTPM was implemented and turned on, and the trusted real-time system based on Preempt-rt was used to examine the real-time performance of tpmd after system tuning. The results showed that the real-time performance of the system decreased by 8.1% when vTPM was turned on. With disturbance, the execution time of vTPM commands in the trusted real-time system decreased by 32.7% compared to the execution time in the comparison system. Without disturbance, the execution time of vTPM commands in the trusted real-time system decreased by 15.3% compared to the execution time in the comparison system. No fluctuation occurred, which indicated that the trusted real-time system had great stability. The feasibility of the design scheme of the trusted real-time system is verified by experiments and data analysis on the two trusted real-time systems. |