摘要
太空网络环境具有开放性、随遇接入等特性,处于这种环境下的星载操作系统将面临来自网络的干扰和攻击等安全威胁。为此,文章提出了一种星载操作系统进程安全监控设计。通过插桩技术对星载操作系统的进程控制块数据和控制流数据进行采集,并结合可信计算芯片的保密存储和哈希(HASH)计算能力,对上述数据进行校验,可实现基于进程控制块和控制流的星载操作系统进程安全监控。该设计能够对星载操作系统的运行状态进行安全监控,及时发现恶意代码等的攻击,保证星载操作系统运行时的安全。
The space network has the attribute of openness and accessibility.In such a network environment,satellite operating system will be interfered and attacked by malicious network traffic directly.Hence,a process security monitoring design is proposed to protect the satellite opera-ting system.PCB(process control block)data and control flow data are collected by instrumentation,and verified by encrypted storage and HASH function of authorized computing chip,so the goal of processes security monitoring in satellite operating system is achieved.The design can monitor security conditions of satellite operating system,detect attacking behaviors caused by malicious codes,and make sure of the satellite operating system security during run-time.
作者
杨朋霖
陶利民
王海涛
YANG Penglin;TAO Limin;WANG Haitao(Beijing Institute of Satellite Information Engineering,Beijing 100194,China)
出处
《航天器工程》
CSCD
北大核心
2018年第2期81-87,共7页
Spacecraft Engineering
基金
国防科技创新特区项目(高可信星载操作系统)
关键词
星载操作系统
进程安全
程序插桩
可信计算
satellite operating system
process security
program instrumentation
trusted computing
