Research On Runtime Verification And Trusted Networking Of Airborne Embedded Trusted Platform

The airborne embedded network has the characteristics of flexibility,openness,mobility and so on.It has a broad application prospect in the fields of civil and military aviation,such as cooperative operations,emergency rescue,and target tracking.And it is highly concerned by all circles of society.At the same time,the security threats faced by airborne embedded system and its network emerge in endlessly.By integrating trusted platform module for the airborne system,the effective security architecture can be established to fundamentally solve various security issues and meet the information security requirements under the airborne environment.Because the main functions of the trusted platform module are invoked by the trusted software stack and reflected in the state of the software stack,and there are still potential security problems in the running process of the trusted software stack,the existing research work focuses on the static analysis of the platform mostly,which can't provide real-time verification for the software stack during operation.Meanwhile,the existing airborne network lacks an effective fault-tolerance mechanism,and the trusted anomaly node will directly affect the execution of collaborative mission.The research work of this paper aims to make up for the insufficiency of the existing research so as to further improve the security of airborne system and its network.First of all,through in-depth research and detailed description of related technologies such as trusted platform module,trusted software stack,and trusted network connection,the embedded trusted software stack is designed and implemented,and basic functional tests and performance tests were completed,which provide a platform for the research of runtime verification and trusted networking.Secondly,the runtime verification scheme of the embedded trusted platform is studied.Based on the definition of the overall framework of the scheme,and combining with the specific design and implementation of the embedded trusted platform,the monitoring properties specification and the corresponding exception handling mechanism are defined.The scheme can monitor the behavior of the system in real time during system operation,verify whether the monitoring properties meet the system requirements,and deal with the corresponding abnormal properties in real time.The experimental results show that with the increase on the number of monitoring nodes,the precision and real-time performance of our runtime monitoring improves.Meanwhile,the costs on the monitoring and the exception handling are moderate.Finally,we propose a networking scheme based on trusted fusion under the scenario of airborne network communication,which includes four parts: the design of security protection module,authentication and registration of network nodes,trusted fusion,and communication between nodes.When abnormality is found by the runtime verification and the automatic processing can't be performed,a proper trusted normal node will be selected in time for the trusted abnormal node and the relationship between them will be established,so that we can implement the secure call of the abnormal node to the normal node.The networking scheme improves the security and fault tolerance of the airborne network.The fusion node selection algorithm maintains the load balance of the network node,and ensures the normal execution of coordinated task.In the end,the calculation and analysis of the program cost provide necessary basis and recommendations for the optimization of the performance of the program.