DREAMS Architectural Style
Published in Hamidreza Ahmadian, Roman Obermaisser, Jon Perez, Distributed Real-Time Architecture for Mixed-Criticality Systems, 2018
R. Obermaisser, M. Abuteir, H. Ahmadian, P. Balbastre, S. Barner, M. Coppola, J. Coronel, A. Crespo, P. Balbastre, G. Fohler, G. Gala, M. Grammatikakis, A. Larrucea Ortube, T. Koller, Z. Owda, D. Weber
KVM converts Host (Linux) Processes into virtual machines, and re-uses most of the common features provided by the Host OS, such as Process Scheduling, Memory Management, Interrupt Handling, etc. In order to support a hard real-time partition, we can either introduce a thin interrupt virtualization layer below the Host kernel or modify most of the Host kernel sub-systems. The former approach, using ADEOS (Adaptive Domain Environment for Operating Systems) or a similar layer, is considered a better option than modifications to the Host kernel, thanks to its smaller TCB (Trusted Computing Base). For example, the ADEOS “nanokernel” is composed of a few KLOC for ARM processors, as opposed to a fully featured Host OS such as Linux, which has a very large TCB. Thus, an interrupt virtualization layer along with the KVM hypervisor is necessary for realizing the RTOS-GPOS co-existence use-case.
Cyber Diversity Index for Sustainable Self-Control of Machines
Published in Cybernetics and Systems, 2022
“An operating system is said to have system integrity when it is designed, implemented and maintained to protect itself against unauthorized access, and does so to the extent that security controls specified for that system cannot be compromised. A multilevel-secure trusted computing base ensures system integrity. The trusted computing base has the ability to protect itself against unauthorized user access” (IBM-Integrity 2020). Integrity of software and operating systems appears to be subjective, because integrity is assumed until a vulnerability is discovered. The system has no integrity, or only partial integrity, until patched. The system then has integrity until another vulnerability is discovered. If the vulnerability was never discovered but was still there, the system never had true integrity in the first place. System integrity is perhaps not about protecting oneself, about a system that cannot be compromised, or about a system that can self-patch or self-heal, but about a system that has self-control of its own core purpose. Application Integrity Diversification (AID) is introduced in the experiments as a measurement of an application's integrity or core purpose. Any unknown change to this measurement would signal a deviation of the application's integrity or its own normal cybernetic behavioral profile.