嵌入式系统弹性应对方法研究
|
摘要
嵌入式系统应用越来越广泛,而且正日益变得庞大和复杂化,造成系统的可靠性与安全性越来越差。如何让嵌入式系统在遭受侵害时保持一定的性能并安全运行,是嵌入式系统一个十分重要的研究领域,嵌入式系统弹性应对机制应运而生。目前的嵌入式系统安全研究往往从静态预防的角度考虑问题,缺乏动态安全策略的设计思想,无法动态掌握系统运行时的安全状况并做出响应,对嵌入式系统硬件配置变化的适应性较差。本文为解决这些问题,提出了弹性应对的解决思路,主要开展了以下几方面的研究工作:
分析了嵌入式系统安全领域的研究现状,对嵌入式操作系统安全、进程安全和系统调度等方面进行了说明和评述。探索了实现弹性应对机制的方法,对嵌入式操作系统安全体系结构、检查点机制和嵌入式操作系统调度等提升嵌入式系统安全可靠性的技术进行了介绍。
深入研究了弹性应对理论及相关方法,定义了弹性应对机制,介绍了嵌入式操作系统体系结构的安全增强方法、嵌入式系统安全弱点和虚拟文件系统。对Flask安全框架、SELinux安全机制、弱点检测与评估和动态策略配置等实现弹性应对机制的技术进行了详细分析。基于SELinux安全机制,提出了嵌入式操作系统弹性应对体系结构,讨论了动态评价系统安全状况和动态策略配置的方法,在体系结构方面提升了嵌入式系统的弹性应对能力。
针对现有嵌入式系统无法动态掌握系统运行时的安全状况并做出响应的问题,提出了基于弱点特征的安全等级评估方法,实现了动态实时的系统安全状况评价,为系统动态配置安全策略和动态设置检查点时间间隔提供了决策支持。详细阐述了组合弱点的危害评估、弱点特征向量分类等实现安全评估的方法,讨论了最少弱点组合问题、弱点特征向量最佳分类数问题和弱点危害估值的更新问题。
以安全等级评估为基础,为提高系统的容错性、健壮性、稳定性和可恢复性,提出基于动态检查点时间间隔的进程弹性应对方法,应用检查点机制实现了系统进程的备份与恢复。为实现检查点时间间隔的动态调整,对计算最优静态检查点时间间隔的“J.T.Daly模型”进行了改进,并基于此模型提出了一种动态设置检查点时间间隔的新方法。与静态设置检查点时间间隔相比,动态设置检查点时间间隔的方法降低了检查点的开销率,提升了系统进程的弹性应对能力。
针对嵌入式系统运行过程中硬件系统配置变化引起的系统任务调度异常问题,分析了系统调度异常产生的原因,提出了嵌入式系统任务调度异常的弹性应对方法。对调度异常进行了形式化描述,定义了调度的平稳性。基于调度平稳性提出了DX和SAR两种调度规则,使操作系统对硬件配置变化的适应性更强,提升了调度的平稳性,有效的阻止了系统硬件配置变化带来的调度异常。
With more and more widely used, Embedded Systems become large and complex, resulting that reliability and security of the system is getting worse. How to maintain a certain performance and continued safe operation when Embedded System is infringed is a very important area of Embedded System research. Therefore, Embedded System Flexibility Response mechanism appears. The current research on Embedded System security often considers from the perspective of static preventing, lack of the design consideration for dynamic security strategies, thus can not dynamically get security situation of running system and respond. Meanwhile, the adaptability to Embedded System hardware configuration changes is weak. To solve these problems, the idea of the Flexibility Response is proposed in this paper. Research is carried out in the following areas:
The research situation of Embedded System security is analyzed. The Embedded Operating System security, process safety, system scheduling and other aspects are described and reviewed. Ways of Flexibility Response are explored. The technique that is Embedded Operating System security architecture, checkpoint technique and Embedded Operating System scheduling is introduced, which can enhance security and reliability of Embedded System.
The Flexibility Response theory and related methods are in-depth studied, and the Flexibility Response mechanism is defined. The security enhancement method of the Embedded Operating System architecture, Embedded System security vulnerabilities and virtual file system are introduced. It is detailedly analyzed that technology to achieve Flexibility Response mechanism which includes security framework of the Flask, SELinux security mechanism, vulnerabilities detecting and evaluation and dynamic strategies configuration. Based on SELinux security mechanism, the Embedded Operating System Flexibility Response architecture is proposed, and the methods of security situation dynamic evaluation and dynamic strategies configuration are discussed, so as to enhance the Flexibility Response capability of Embedded System in terms of system architecture.
To deal with the problem that Embedded System can not dynamically get security situation and respond when system is running, the assessment methods of security level based on vulnerability feature is proposed, which achieve dynamic real-time evaluation of system security and provide a decision support for the system dynamic configuration of security strategies and dynamic setting checkpoint interval. Methods of the risk assessment of the combination of vulnerabilities and the vulnerabilities feature vector classification that achieve security assessment are expounded. Issues which include the problem of the least vulnerabilities combination, the problem of best number of classification for vulnerabilities feature vectors and the problem of vulnerabilities harm assessment updating are discussed.
Based on assessment of the security level, to improve the system fault-tolerant capability, robustness, stability and recoverability, Flexibility Response method for process based on the dynamic checkpoint intervals is proposed. Backup and recovery of the system process is realized by the application of checkpoint mechanism. In order to realize the dynamic adjustment of checkpoint interval, the "J.T. Daly model" that calculate the optimal static checkpoint interval is improved. Based on this model, a new approach for dynamically setting the checkpoint interval is proposed. Compared with static checkpoint interval setting, the dynamic checkpoint interval setting approach reduced the checkpoint overhead rates and improved Flexibility Response capacity of the system.
To cope with problems of system task scheduling exception in the running Embedded System caused by system hardware configuration changes, the causes of system scheduling exception are analyzed, and the Flexibility Response method to deal with system task scheduling exception of Embedded System is proposed. The formal description on scheduling exception and definition of the scheduling stability are given. Based on scheduling stability, two scheduling rules SAR and DX are proposed, which enhance the adaptability of the Embedded Operating System to the hardware configuration changes and improve the scheduling stability, effectively preventing scheduling exception brought by the system hardware configuration changes.
分析了嵌入式系统安全领域的研究现状,对嵌入式操作系统安全、进程安全和系统调度等方面进行了说明和评述。探索了实现弹性应对机制的方法,对嵌入式操作系统安全体系结构、检查点机制和嵌入式操作系统调度等提升嵌入式系统安全可靠性的技术进行了介绍。
深入研究了弹性应对理论及相关方法,定义了弹性应对机制,介绍了嵌入式操作系统体系结构的安全增强方法、嵌入式系统安全弱点和虚拟文件系统。对Flask安全框架、SELinux安全机制、弱点检测与评估和动态策略配置等实现弹性应对机制的技术进行了详细分析。基于SELinux安全机制,提出了嵌入式操作系统弹性应对体系结构,讨论了动态评价系统安全状况和动态策略配置的方法,在体系结构方面提升了嵌入式系统的弹性应对能力。
针对现有嵌入式系统无法动态掌握系统运行时的安全状况并做出响应的问题,提出了基于弱点特征的安全等级评估方法,实现了动态实时的系统安全状况评价,为系统动态配置安全策略和动态设置检查点时间间隔提供了决策支持。详细阐述了组合弱点的危害评估、弱点特征向量分类等实现安全评估的方法,讨论了最少弱点组合问题、弱点特征向量最佳分类数问题和弱点危害估值的更新问题。
以安全等级评估为基础,为提高系统的容错性、健壮性、稳定性和可恢复性,提出基于动态检查点时间间隔的进程弹性应对方法,应用检查点机制实现了系统进程的备份与恢复。为实现检查点时间间隔的动态调整,对计算最优静态检查点时间间隔的“J.T.Daly模型”进行了改进,并基于此模型提出了一种动态设置检查点时间间隔的新方法。与静态设置检查点时间间隔相比,动态设置检查点时间间隔的方法降低了检查点的开销率,提升了系统进程的弹性应对能力。
针对嵌入式系统运行过程中硬件系统配置变化引起的系统任务调度异常问题,分析了系统调度异常产生的原因,提出了嵌入式系统任务调度异常的弹性应对方法。对调度异常进行了形式化描述,定义了调度的平稳性。基于调度平稳性提出了DX和SAR两种调度规则,使操作系统对硬件配置变化的适应性更强,提升了调度的平稳性,有效的阻止了系统硬件配置变化带来的调度异常。
With more and more widely used, Embedded Systems become large and complex, resulting that reliability and security of the system is getting worse. How to maintain a certain performance and continued safe operation when Embedded System is infringed is a very important area of Embedded System research. Therefore, Embedded System Flexibility Response mechanism appears. The current research on Embedded System security often considers from the perspective of static preventing, lack of the design consideration for dynamic security strategies, thus can not dynamically get security situation of running system and respond. Meanwhile, the adaptability to Embedded System hardware configuration changes is weak. To solve these problems, the idea of the Flexibility Response is proposed in this paper. Research is carried out in the following areas:
The research situation of Embedded System security is analyzed. The Embedded Operating System security, process safety, system scheduling and other aspects are described and reviewed. Ways of Flexibility Response are explored. The technique that is Embedded Operating System security architecture, checkpoint technique and Embedded Operating System scheduling is introduced, which can enhance security and reliability of Embedded System.
The Flexibility Response theory and related methods are in-depth studied, and the Flexibility Response mechanism is defined. The security enhancement method of the Embedded Operating System architecture, Embedded System security vulnerabilities and virtual file system are introduced. It is detailedly analyzed that technology to achieve Flexibility Response mechanism which includes security framework of the Flask, SELinux security mechanism, vulnerabilities detecting and evaluation and dynamic strategies configuration. Based on SELinux security mechanism, the Embedded Operating System Flexibility Response architecture is proposed, and the methods of security situation dynamic evaluation and dynamic strategies configuration are discussed, so as to enhance the Flexibility Response capability of Embedded System in terms of system architecture.
To deal with the problem that Embedded System can not dynamically get security situation and respond when system is running, the assessment methods of security level based on vulnerability feature is proposed, which achieve dynamic real-time evaluation of system security and provide a decision support for the system dynamic configuration of security strategies and dynamic setting checkpoint interval. Methods of the risk assessment of the combination of vulnerabilities and the vulnerabilities feature vector classification that achieve security assessment are expounded. Issues which include the problem of the least vulnerabilities combination, the problem of best number of classification for vulnerabilities feature vectors and the problem of vulnerabilities harm assessment updating are discussed.
Based on assessment of the security level, to improve the system fault-tolerant capability, robustness, stability and recoverability, Flexibility Response method for process based on the dynamic checkpoint intervals is proposed. Backup and recovery of the system process is realized by the application of checkpoint mechanism. In order to realize the dynamic adjustment of checkpoint interval, the "J.T. Daly model" that calculate the optimal static checkpoint interval is improved. Based on this model, a new approach for dynamically setting the checkpoint interval is proposed. Compared with static checkpoint interval setting, the dynamic checkpoint interval setting approach reduced the checkpoint overhead rates and improved Flexibility Response capacity of the system.
To cope with problems of system task scheduling exception in the running Embedded System caused by system hardware configuration changes, the causes of system scheduling exception are analyzed, and the Flexibility Response method to deal with system task scheduling exception of Embedded System is proposed. The formal description on scheduling exception and definition of the scheduling stability are given. Based on scheduling stability, two scheduling rules SAR and DX are proposed, which enhance the adaptability of the Embedded Operating System to the hardware configuration changes and improve the scheduling stability, effectively preventing scheduling exception brought by the system hardware configuration changes.
引文
[1]Y. Jeong, Y. Yun, B. Jung, et al. Protection profile for security enhancement of embedded operating system for mobile terminals, in 2008 10th International Conference on Advanced Communication Technology, Febrary 17,2008-Febrary 20, 2008. Phoenix Park, Korea, Republic of.2008:1908-1911P
[2]P. Koopman. Embedded system security. Computer,2004,37(7):95-97P
[3]S. Parameswaran, T. Wolf. Embedded systems security-an overview. Design Automation for Embedded Systems,2008,12(3):173-183P
[4]吴新勇.嵌入式操作系统安全保障技术研究.电子科技大学电子科技大学博士学位论文.2003
[5]龚育昌,吴明桥,张晔等.安全操作系统中的权能管理模型.小型微型计算机系统.2006.27(1):5页
[6]A. Boudou, C. Siegelin, J.C. Marchetaux. Access control method and device in an embedded system.2008, Google Patents
[7]R. Ahmed, J. Mo Koo, Y. Hoon Jeong, et al. Design of safety-critical systems using the complementarities of success and failure domains with a case study. Reliability Engineering & System Safety,2010
[8]T. Aven. Identification of safety and security critical systems and activities. Reliability Engineering & System Safety,2009,94(2):404-411P
[9]P.H. Feiler. Challenges in Validating Safety-Critical Embedded Systems. SAE International Journal of Aerospace,2010,3(1):109P
[10]J.C. Knight. Safety critical systems:challenges and directions.2002:547-550P.
[11]江维.嵌入式操作系统安全机制研究与扩展实现.电子科技大学电子科技大学硕士学位论文.2006
[12]李冬.安全Linux操作系统的设计与研究.西北工业大学西北工业大学硕士学位论文.2005
[13]沈松武.嵌入式操作系统安全机制的设计与实现.中国科学院软件研究所中国科学院软件研究所硕士学位论文.2008
[14]石文昌.安全操作系统研究的发展(下).计算机科学;COMPUTER SCIENCE.2002.29(7):4页
[15]R. Lu, J. Han, X. Zeng, et al. A low-cost cryptographic processor for security embedded system.2008:113-114P
[16]H. Huang, C. Hu, J. He. A security embedded system base on TCM and FPGA.2009
[17]Z. Chen, C. Shen, Y. Liu, et al. A security enhancement architecture for COTS operating system, in 1st International Symposium on Data, Privacy, and E-Commerce, ISDPE 2007, November 1,2007-November 3,2007. Chengdu, China.2007: 434-438P
[18]J.L. Clark. Unix operating system security, in Proceedings of the IFIP TC11 8th International Conference on Information Security, May 27-29 1992. Singapore, Singapore.1992:335-335P
[19]F.T. Grampp, R.H. Morris. UNIX OPERATING SYSTEM SECURITY. AT&T Bell Laboratories Technical Journal,1984,63(8 pt 2):1649-1672P
[20]X. Nie, D. Feng, J. Che, et al. Design and implementation of security operating system based on trusted computing, in 2006 International Conference on Machine Learning and Cybernetics, August 13,2006-August 16,2006. Dalian, China.2006: 2776-2781P
[21]J. Song, G. Hu, Q. Xu. Operating system security and host vulnerability evaluation, in International Conference on Management and Service Science, MASS 2009, September 20,2009-September 22,2009. Wuhan, China.2009:Communication University of China; Wuhan University; James Madison University; Institute of Policy and Management, Chinese Academy of Sciences; IEEE Wuhan SectionP
[22]R.R. Linde, C. Weissman, C.E. Fox. The ADEPT-50 time-sharing system.1969: 39-50P
[23]C. Weissman. Security controls in the ADEPT-50 time-sharing system, in Proceedings of the November 18-20,1969, fall joint computer conference. Las Vegas, Nevada. 1969:119-133P
[24]B.W. Lampson. Protection. ACM SIGOPS Operating Systems Review,1974,8(1): 18-24P
[25]E.I. Organick, The Multics system:an examination of its structure.1972
[26]刘彦明,董庆宽,李小平.BLP模型的完整性增强研究.通信学报.2010(02):100-106页
[27]M.A. Harrison, W.L. Ruzzo, J.D. Ullman. Protection in operating systems. Communications of the ACM,1976,19(8):461-471P
[28]R. Spencer, S. Smalley, P. Loscocco, et al. The Flask security architecture:System support for diverse security policies.1999:11-11P
[29]M. Gregory, P. Loscocco. Using the flask security architecture to facilitate risk adaptable access controls.2007.
[30]J. Lepreau, R. Spencer, S. Smalley, et al. The Flask Security Architecture:System Support for Diverse Security Policies.2006, SECURE COMPUTING CORP SAINT PAUL MN
[31]蔡谊,沈昌祥.安全操作系统发展现状及对策.信息安全与通信保密.2001(07):30-33页
[32]杨涛,陈福接,沈昌祥.一个安全操作系统S-UNIX的研究与设计.计算机学报.1993(06):409-415页
[33]刘文清,卿斯汉,刘海峰.一个修改BLP安全模型的设计及在SecLinux上的应用.软件学报.2002.13(4):7页
[34]J. Alves-Foss, P.W. Oman, C. Taylor, et al. The MILS architecture for high-assurance embedded systems. International Journal of Embedded Systems,2006,2(3):239-247P
[35]P. Kocher, R. Lee, G. McGraw, et al. Security as a new dimension in embedded system design.2004:753-760P
[36]L. Friedrich. A Survey of Operating Systems Infrastructure for Embedded Systems. 2009
[37]K. Budzynska, M. Kacprzak, P. Rembelski. Perseus. Software for Analyzing Persuasion Process.2009,93(1/3):15P
[38]P. Shinde, P. Sharma, S. Guntupalli. Automated process classification framework using SELinux security context, in 3rd International Conference on Availability, Security, and Reliability, ARES 2008, March 4,2008-March 7,2008. Barcelona, Spain.2008:592-596P
[39]K. Sueyasu, T. Tabata, K. Sakurai. On the security of SELinux with a simplified policy, in Proceedings of the LASTED International Conference on Communication, Network, an d Information Security, December 10,2003-December 12,2003. New York, NY., United states.2003:79-84P
[40]肖永康,纪翠玲,谢宝恂等.SELinux勺安全机制和安全模型.计算机应用.2009.29(z1):3页
[41]王静SELinux的访问控制模型的分析与研究.计算机安全.2008(11):4页
[42]熊光泽,徐伦峰.CRTOS/386P嵌入式实时操作系统在EV386EX上的实现.第六届全国抗恶劣环境计算机学术年会.1996.杭州
[43]张平.CRTOS/386P移植和配置技术的研究与实现.电子科技大学电子科技大学硕士学位论文.1997
[44]赖明志.嵌入式实时操作系统CRTOS Micro移植技术与功能可伸缩机制研究.电 子科技大学电子科技大学硕士学位论文.2000
[45]J. Chen, Y. Yang. Temporal dependency based checkpoint selection for dynamic verification of fixed-time constraints in grid workflow systems. in 30th International Conference on Software Engineering 2008, ICSE'08, May 10,2008-May 18,2008.Leipzig,Germany.2008:141-150P
[46]周国峰.进程检查点技术的改进.计算机工程与科学;COMPUTERENGINEERING &;SCIENCE.2004.26(12):3页
[47]汪东升.一种基于检查点的卷回恢复与进程迁移系统.软件学报;JOURNAL OFSOFTWARE.1999.10(1):6页
[48]Y. Zhang, J. Jiang. Bibliographical review on reconfigurable fault-tolerant control systems. Annual Reviews in Control,2008,32(2):229-252P
[49]李海山,徐火生,欧中红等.TMR容错计算故障恢复技术研究.计算机科学.2008.35(7):4页
[50]B. Joshi, D. Pradhan, J. Stiffler. Fault-Tolerant Computing.2008
[51]张光辉.采用增量检查点技术改进Condor检查点机制的研究.河南农业大学学报;JOURNAL OF HENAN AGRICULTURAL UNIVERSITY.2010.44(6)
[52]H. Zhong, J. Nieh. CRAK:Linux checkpoint/restart as a kernel module. Department of Computer Science, Columbia University, Tech. Rep. CUCS-014-01,2001
[53]蒋廷耀.一种新的优化的检查点间隔的求解模型.小型微型计算机系统;MINI-MICRO SYSTEMS.2003.24(3):4页
[54]陈鸿.改进的检查点间隔动态设置算法.南京大学学报(自然科学版);JOURNAL OF NANJING UNIVERSITY(NATURAL SCIENCES).2005.41(z1):7页
[55]梁蓓,张大方,杨金民等.用时间序列分析方法动态确定检查点时间间隔.系统仿真学报.2004.16(1 0):4页
[56]殷建军.嵌入式系统中备份/恢复技术的研究与实现.华中科技大学.2006
[57]高富强,秦昌硕,游纪原等.UC/OS-Ⅱ内核扩充时间片轮转调度算法的设计.计算机应用.2009.29(4):4页
[58]C. Yaashuwanth, D.R. Ramesh. A New Scheduling Algorithms For Real Time Tasks. Arxiv preprint arXiv:0912.0606,2009
[59]A. Balogh, A. Pataricza, J. Racz. Scheduling of embedded time-triggered systems. in 2007 Workshop on Engineering Fault Tolerant Systems, EFTS'07, September 4,2007-September 4,2007. Dubrovnik, Croatia.2007.
[60]W.K. Seong, K.K. Byung. Task-scheduling strategies for reliable TMR controllers using task grouping and assignment. IEEE Transactions on Reliability,2000,49(4): 355-362P
[61]R. Al-Omari, A.K. Somani, G. Manimaran. An adaptive scheme for fault-tolerant scheduling of soft real-time tasks in multiprocessor systems. Journal of Parallel and Distributed Computing,2005,65(5):595-608P
[62]何军,孙玉方.提高软非周期任务响应性能的调度算法.软件学报.1998.9(10):721-727页
[63]侯爽,宋颖慧.一种实时系统中的多任务可预测调度算法.计算机工程.2004(16):67-69页
[64]宋颖慧,迟关心,赵万生等.增强Linux内核实时性能的研究与实现.哈尔滨工业大学学报.2005(06):763-765页
[65]刘怀,费树岷.基于双优先级的实时多任务动态调度.计算机工程.2005(18):16-18页
[66]刘怀,胡继峰.实时系统的多任务调度.计算机工程.2002(03):43-44+150页
[67]卿斯汉,刘文清,刘海峰.操作系统安全导论.北京:科学出版社,2003:
[68]Q. Ou, F. Luo, K. Huang. High-security system primitive for embedded systems. in 1st International Conference on Multimedia Information Networking and Security, MINES 2009, November 17,2009-November 20,2009. Hubei, China.2009: 319-321P
[69]林建民.嵌入式操作系统技术发展趋势.计算机工程.2001.27(10):4页
[70]吴明桥,陈香兰,张哗等.一种基于服务体/执行流的新型操作系统构造模型.中国科学技术大学学报.2006(02):230-236页
[71]江维.嵌入式操作系统安全机制研究与扩展实现.电子科技大学电子科技大学硕士学位论文.2006
[72]沈松武.嵌入式操作系统安全机制的设计与实现.2008
[73]杨洪路.计算机脆弱性分类的研究.计算机工程与设计;COMPUTER ENGINEERING AND DESIGN.2004.25(7):3页
[74]张永铮.计算机安全弱点及其对应关键技术研究.哈尔滨工业大学博士学位论文.2006
[75]O.H. Alhazmi, Y.K. Malaiya, I. Ray. Measuring, analyzing and predicting security vulnerabilities in software systems. Computers & Security,2007,26(3):219-228P
[76]浦海挺.安全操作系统的体系架构及其实现模型.四川大学四川大学硕士学位论文.2004
[77]佘影.基于Linux系统的安全访问控制策略研究.重庆大学重庆大学硕士学位论文.2007
[78]B. Hennessey, B. Norman, R.B. Wesson. Security simulation for vulnerability assessment, in 2006 40th Annual IEEE International Carnahan Conference on Security Technology, ICCST, October 16,2006-October 19,2006. Lexington, KY, United states.2006:46-50P
[79]C. Lin, C. Chen, C. Laih. A study and implementation of vulnerability assessment and misconfiguration detection, in Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008.445 Hoes Lane-P.O.Box 1331, Piscataway, NJ 08855-1331, United States.2008:1252-1257P
[80]J. Wang, J. Wang, S. Cheng, et al. Software vulnerability detection system based on uniform intermediate representation. Qinghua Daxue Xuebao/Journal of Tsinghua University,2010,50(SUPPL.1):1502-1507P
[81]P.D. Zegzhda, D.P. Zegzhda, M.O. Kalinin. Vulnerabilities detection in the configurations of MS windows operating system, in 3rd International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2005, September 24,2005-September 28,2005. St. Petersburg, Russia. 2005:339-351P
[82]张永铮,方滨兴,迟悦.计算机弱点数据库综述与评价.计算机科学.2006(08):19-21+49页
[83]张涛,胡铭曾,李东等.一种量化的软件弱点评估方法.计算机工程与应用.2005(27):7-9+50页
[84]张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究.通信学报.2004(07):107-114页
[85]J. Liu, J. Wang, Q. Wei, et al. Vulnerability detection based on a dangerous function approach. Qinghua Daxue Xuebao/Journal of Tsinghua University,2010,50(SUPPL 1):1529-1533P
[86]L. Moohun, C. Sunghoon, J. Changbok, et al. A rule-based security auditing tool for software vulnerability detection, in 2006 International Conference on Hybrid Information Technology, ICHIT 2006, November 9,2006-November 11,2006. Cheju Island, Korea, Republic of.2006:505-512P
[87]J. Wang, J. Wang, S. Cheng, et al. Software vulnerability detection system based on uniform intermediate representation. Qinghua Daxue Xuebao/Journal of Tsinghua University,2010,50(SUPPL.1):1502-1507P
[88]P. Zhang, J. Shang, Z. Liang. Application of multi-agent model in vulnerability detection system, in 2007 1st International Symposium on Information Technologies and Applications in Education, ISITAE 2007, November 23,2007-November 25, 2007. Kunming, China.2007:311-314P
[89]X. Zhang, L. Shao, J. Zheng. A novel method of software vulnerability detection based on fuzzing technique, in 2008 International Conference on Apperceiving Computing and Intelligence Analysis, ICACIA 2008, December 13,2008-December 15,2008. Chengdu, China.2008:270-273P
[90]谷增军.基于模糊综合评判的安全风险评估模型及应用.财会通讯.2010(22):122-123页
[91]朱璟,蔡敏,杜义.模糊综合评判决策在软件质量评估中的应用.软件导刊.2010(11):3-4页
[92]T. Aslam. A taxonomy of security faults in the unix operating system. Citeseer.1995
[93]M. Bishop. A taxonomy of unix system and network vulnerabilities.1995, Citeseer
[94]S. Hansman, R. Hunt. A taxonomy of network and computer attacks. Computers & Security,2005,24(1):31-43P
[95]席景科.空间聚类分析及评价方法.计算机工程与设计;COMPUTERENGINEERING AND DESIGN.2009.30(7):4页
[96]张惟皎.聚类质量的评价方法.计算机工程;COMPUTER ENGINEERING.2005.31(20):3页
[97]Y. Huang, L. Ping, X. Pan, et al. Fast exact pattern matching algorithm. Journal of Computational Information Systems,2009,5(1):235-243P
[98]H. Li, X. Li. A time-and space-efficient multi-pattern matching algorithm, in 2nd International Workshop on Education Technology and Computer Science, ETCS 2010, March 6,2010-March 7,2010. Wuhan, Hubei, China.2010:716-719P
[99]C. Linhart, R. Shamir. Faster pattern matching with character classes using prime number encoding. Journal of Computer and System Sciences,2009,75(3):155-162P
[100]J. Yuan, J. Zheng, S. Ding. An improved pattern matching algorithm, in 2010 International Symposium on Intelligent Information Technology and Security Informatics, IITSI 2010, April 2,2010-April 4,2010. Jinggangshan, China.2010: 599-603P
[101]潘超,杨良怀,龚卫华等.模式匹配研究进展.计算机系统应用.2010.19(11)
[102]王丽华.计算机容错系统的体系结构与安全性研究.西南交通大学西南交通大学硕士学位论文.2002
[103]S. Kraemer, R. Leupers, D. Petras, et al. A checkpoint/restore framework for systemc-based virtual platforms.2009:161-167P
[104]李海山.面向恢复的容错计算技术研究.哈尔滨工程大学哈尔滨工程大学博士学位论文.2007
[105]陈斌斌Kylin内核完整性防护技术研究.国防科学技术大学国防科学技术大学硕士学位论文.2007
[106]李霞,郭井龙,吕荣耀Linux中的几种安全防护技术.信息工程大学学报.2004.5(1):4页
[107]任建华.基于主机的文件实时监控技术的研究与实现.南京航空航天大学南京航空航天大学硕士学位论文.2005
[108]T. Ushio, I. Onishi, K. Okuda. Fault detection based on Petri net models with faulty behaviors, in Proceedings of the 1998 IEEE International Conference on Systems, Man, and Cybernetics. Part 1 (of 5), October 11,1998-October 14,1998. San Diego, CA,USA.1998:113-118P
[109]余保明.基于行为的入侵防护技术研究.天津大学天津大学硕士学位论文.2007
[110]谢争.基于检查点的进程级容错设计与研究.哈尔滨工程大学硕士学位论文.2009
[111]门朝光.基于Linux内核的进程检查点系统设计与实现.计算机科学COMPUTER SCIENCE.2009.36(4):4页
[112]A. Duda. EFFECTS OF CHECKPOINTING ON PROGRAM EXECUTION TIME. Information Processing Letters,1983,16(5):221-229P
[113]慈轶为.操作系统内核级检查点技术的研究与实现.哈尔滨工业大学哈尔滨工业大学硕士学位论文.2005
[114]J.T. Daly. A higher order estimate of the optimum checkpoint interval for restart dumps.2006:303-312P
[115]梁蓓.基于WinNT进程检查点技术研究与实现.2004
[116]印杰.复杂失效分布下的动态检查点设置.小型微型计算机系统;JOURNAL OF CHINESE COMPUTER SYSTEMS.2010.31(4):7页
[117]B. Schroeder, G.A. Gibson. A large-scale study of failures in high-performance computing systems, in DSN 2006:2006 International Conference on Dependable Systems and Networks, June 25,2006-June 28,2006. Philadelphia, PA, United states. 2006:249-258P
[118]H. Okamura, Y. Nishimura, T. Dohi. A dynamic checkpointing scheme based on reinforcement learning, in Proceedings-10th IEEE Pacific Rim International Symposium on Dependable Computing, March 3,2004-March 5,2004. Papeete Tahiti, French polynesia.2004:151-158P
[119]Y. Wang, S. Gao, Z. Jia, et al. Make a strategic decision using Markov for dynamic checkpoint interval. in IEEE 9th International Conference on Computer and Information Technology, CIT 2009, October 11,2009-October 14,2009. Xiamen, China.2009:197-202P
[120]A.J. Oliner, L. Rudolph, R.K. Sahoo. Cooperative checkpointing:A robust approach to large-scale systems reliability, in 20th Annual International Conference on Supercomputing, ICS 2006, June 28,2006-July 1,2006. Cairns, Queensland, Australia.2006:14-23P
[121]Y. Liu, R. Nassar, C. Leangsuksun, et al. An optimal checkpoint/restart model for a large scale high performance computing system, in IPDPS 2008-22nd IEEE International Parallel and Distributed Processing Symposium, April 14,2008-April 18,2008. Miami, FL, United states.2008:IEEE Computer Society Technical Committee on Parallel ProcessingP
[122]王健.容错系统中实时任务调度和负载均衡算法研究.浙江大学计算机科学与技术学院浙江大学博士学位论文.2009
[123]S. Pengfei, Z. Min, L. Yanfei. Study of algorithms of real-time scheduling with fault-tolerance in small satellite on-board computer systems, in 6th World Congress on Intelligent Control and Automation, WCICA 2006, June 21,2006-June 23,2006. Dalian, China.2006:2949-2953P
[124]刘如华.嵌入式安全实时操作系统调度策略研究.2009
[125]罗钧,吴志,Jun L.等.嵌入式系统动态策略任务调度算法.重庆大学学报(自然科学版).2008.31(7):5页
[126]H.U. Zhi-gang, H.U. Zhou-jun. Workflow Task Scheduling Algorithm Based on Multi-QoS Objective [J]. Computer Engineering,2008,34(10):126-128P
[127]汪芸,谢俊清,沈卓炜等.实时CORBA技术综述.东南大学学报(自然科学版).2002.32(3):7页
[128]邢建生,王永吉,刘军祥等.一种静态最少优先级分配算法.软件学报.2007.18(7):11页
[129]C. Yang, G. Deconinck, W. Gui. Fault-tolerant scheduling for real-time embedded control systems. Journal of Computer Science and Technology,2004,19(2):191-202P
[130]C. Pinello, L.P. Carloni, A.L. Sangiovanni-Vincentelli. Fault-tolerant distributed deployment of embedded control software. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2008,27(5):906-919P
[2]P. Koopman. Embedded system security. Computer,2004,37(7):95-97P
[3]S. Parameswaran, T. Wolf. Embedded systems security-an overview. Design Automation for Embedded Systems,2008,12(3):173-183P
[4]吴新勇.嵌入式操作系统安全保障技术研究.电子科技大学电子科技大学博士学位论文.2003
[5]龚育昌,吴明桥,张晔等.安全操作系统中的权能管理模型.小型微型计算机系统.2006.27(1):5页
[6]A. Boudou, C. Siegelin, J.C. Marchetaux. Access control method and device in an embedded system.2008, Google Patents
[7]R. Ahmed, J. Mo Koo, Y. Hoon Jeong, et al. Design of safety-critical systems using the complementarities of success and failure domains with a case study. Reliability Engineering & System Safety,2010
[8]T. Aven. Identification of safety and security critical systems and activities. Reliability Engineering & System Safety,2009,94(2):404-411P
[9]P.H. Feiler. Challenges in Validating Safety-Critical Embedded Systems. SAE International Journal of Aerospace,2010,3(1):109P
[10]J.C. Knight. Safety critical systems:challenges and directions.2002:547-550P.
[11]江维.嵌入式操作系统安全机制研究与扩展实现.电子科技大学电子科技大学硕士学位论文.2006
[12]李冬.安全Linux操作系统的设计与研究.西北工业大学西北工业大学硕士学位论文.2005
[13]沈松武.嵌入式操作系统安全机制的设计与实现.中国科学院软件研究所中国科学院软件研究所硕士学位论文.2008
[14]石文昌.安全操作系统研究的发展(下).计算机科学;COMPUTER SCIENCE.2002.29(7):4页
[15]R. Lu, J. Han, X. Zeng, et al. A low-cost cryptographic processor for security embedded system.2008:113-114P
[16]H. Huang, C. Hu, J. He. A security embedded system base on TCM and FPGA.2009
[17]Z. Chen, C. Shen, Y. Liu, et al. A security enhancement architecture for COTS operating system, in 1st International Symposium on Data, Privacy, and E-Commerce, ISDPE 2007, November 1,2007-November 3,2007. Chengdu, China.2007: 434-438P
[18]J.L. Clark. Unix operating system security, in Proceedings of the IFIP TC11 8th International Conference on Information Security, May 27-29 1992. Singapore, Singapore.1992:335-335P
[19]F.T. Grampp, R.H. Morris. UNIX OPERATING SYSTEM SECURITY. AT&T Bell Laboratories Technical Journal,1984,63(8 pt 2):1649-1672P
[20]X. Nie, D. Feng, J. Che, et al. Design and implementation of security operating system based on trusted computing, in 2006 International Conference on Machine Learning and Cybernetics, August 13,2006-August 16,2006. Dalian, China.2006: 2776-2781P
[21]J. Song, G. Hu, Q. Xu. Operating system security and host vulnerability evaluation, in International Conference on Management and Service Science, MASS 2009, September 20,2009-September 22,2009. Wuhan, China.2009:Communication University of China; Wuhan University; James Madison University; Institute of Policy and Management, Chinese Academy of Sciences; IEEE Wuhan SectionP
[22]R.R. Linde, C. Weissman, C.E. Fox. The ADEPT-50 time-sharing system.1969: 39-50P
[23]C. Weissman. Security controls in the ADEPT-50 time-sharing system, in Proceedings of the November 18-20,1969, fall joint computer conference. Las Vegas, Nevada. 1969:119-133P
[24]B.W. Lampson. Protection. ACM SIGOPS Operating Systems Review,1974,8(1): 18-24P
[25]E.I. Organick, The Multics system:an examination of its structure.1972
[26]刘彦明,董庆宽,李小平.BLP模型的完整性增强研究.通信学报.2010(02):100-106页
[27]M.A. Harrison, W.L. Ruzzo, J.D. Ullman. Protection in operating systems. Communications of the ACM,1976,19(8):461-471P
[28]R. Spencer, S. Smalley, P. Loscocco, et al. The Flask security architecture:System support for diverse security policies.1999:11-11P
[29]M. Gregory, P. Loscocco. Using the flask security architecture to facilitate risk adaptable access controls.2007.
[30]J. Lepreau, R. Spencer, S. Smalley, et al. The Flask Security Architecture:System Support for Diverse Security Policies.2006, SECURE COMPUTING CORP SAINT PAUL MN
[31]蔡谊,沈昌祥.安全操作系统发展现状及对策.信息安全与通信保密.2001(07):30-33页
[32]杨涛,陈福接,沈昌祥.一个安全操作系统S-UNIX的研究与设计.计算机学报.1993(06):409-415页
[33]刘文清,卿斯汉,刘海峰.一个修改BLP安全模型的设计及在SecLinux上的应用.软件学报.2002.13(4):7页
[34]J. Alves-Foss, P.W. Oman, C. Taylor, et al. The MILS architecture for high-assurance embedded systems. International Journal of Embedded Systems,2006,2(3):239-247P
[35]P. Kocher, R. Lee, G. McGraw, et al. Security as a new dimension in embedded system design.2004:753-760P
[36]L. Friedrich. A Survey of Operating Systems Infrastructure for Embedded Systems. 2009
[37]K. Budzynska, M. Kacprzak, P. Rembelski. Perseus. Software for Analyzing Persuasion Process.2009,93(1/3):15P
[38]P. Shinde, P. Sharma, S. Guntupalli. Automated process classification framework using SELinux security context, in 3rd International Conference on Availability, Security, and Reliability, ARES 2008, March 4,2008-March 7,2008. Barcelona, Spain.2008:592-596P
[39]K. Sueyasu, T. Tabata, K. Sakurai. On the security of SELinux with a simplified policy, in Proceedings of the LASTED International Conference on Communication, Network, an d Information Security, December 10,2003-December 12,2003. New York, NY., United states.2003:79-84P
[40]肖永康,纪翠玲,谢宝恂等.SELinux勺安全机制和安全模型.计算机应用.2009.29(z1):3页
[41]王静SELinux的访问控制模型的分析与研究.计算机安全.2008(11):4页
[42]熊光泽,徐伦峰.CRTOS/386P嵌入式实时操作系统在EV386EX上的实现.第六届全国抗恶劣环境计算机学术年会.1996.杭州
[43]张平.CRTOS/386P移植和配置技术的研究与实现.电子科技大学电子科技大学硕士学位论文.1997
[44]赖明志.嵌入式实时操作系统CRTOS Micro移植技术与功能可伸缩机制研究.电 子科技大学电子科技大学硕士学位论文.2000
[45]J. Chen, Y. Yang. Temporal dependency based checkpoint selection for dynamic verification of fixed-time constraints in grid workflow systems. in 30th International Conference on Software Engineering 2008, ICSE'08, May 10,2008-May 18,2008.Leipzig,Germany.2008:141-150P
[46]周国峰.进程检查点技术的改进.计算机工程与科学;COMPUTERENGINEERING &;SCIENCE.2004.26(12):3页
[47]汪东升.一种基于检查点的卷回恢复与进程迁移系统.软件学报;JOURNAL OFSOFTWARE.1999.10(1):6页
[48]Y. Zhang, J. Jiang. Bibliographical review on reconfigurable fault-tolerant control systems. Annual Reviews in Control,2008,32(2):229-252P
[49]李海山,徐火生,欧中红等.TMR容错计算故障恢复技术研究.计算机科学.2008.35(7):4页
[50]B. Joshi, D. Pradhan, J. Stiffler. Fault-Tolerant Computing.2008
[51]张光辉.采用增量检查点技术改进Condor检查点机制的研究.河南农业大学学报;JOURNAL OF HENAN AGRICULTURAL UNIVERSITY.2010.44(6)
[52]H. Zhong, J. Nieh. CRAK:Linux checkpoint/restart as a kernel module. Department of Computer Science, Columbia University, Tech. Rep. CUCS-014-01,2001
[53]蒋廷耀.一种新的优化的检查点间隔的求解模型.小型微型计算机系统;MINI-MICRO SYSTEMS.2003.24(3):4页
[54]陈鸿.改进的检查点间隔动态设置算法.南京大学学报(自然科学版);JOURNAL OF NANJING UNIVERSITY(NATURAL SCIENCES).2005.41(z1):7页
[55]梁蓓,张大方,杨金民等.用时间序列分析方法动态确定检查点时间间隔.系统仿真学报.2004.16(1 0):4页
[56]殷建军.嵌入式系统中备份/恢复技术的研究与实现.华中科技大学.2006
[57]高富强,秦昌硕,游纪原等.UC/OS-Ⅱ内核扩充时间片轮转调度算法的设计.计算机应用.2009.29(4):4页
[58]C. Yaashuwanth, D.R. Ramesh. A New Scheduling Algorithms For Real Time Tasks. Arxiv preprint arXiv:0912.0606,2009
[59]A. Balogh, A. Pataricza, J. Racz. Scheduling of embedded time-triggered systems. in 2007 Workshop on Engineering Fault Tolerant Systems, EFTS'07, September 4,2007-September 4,2007. Dubrovnik, Croatia.2007.
[60]W.K. Seong, K.K. Byung. Task-scheduling strategies for reliable TMR controllers using task grouping and assignment. IEEE Transactions on Reliability,2000,49(4): 355-362P
[61]R. Al-Omari, A.K. Somani, G. Manimaran. An adaptive scheme for fault-tolerant scheduling of soft real-time tasks in multiprocessor systems. Journal of Parallel and Distributed Computing,2005,65(5):595-608P
[62]何军,孙玉方.提高软非周期任务响应性能的调度算法.软件学报.1998.9(10):721-727页
[63]侯爽,宋颖慧.一种实时系统中的多任务可预测调度算法.计算机工程.2004(16):67-69页
[64]宋颖慧,迟关心,赵万生等.增强Linux内核实时性能的研究与实现.哈尔滨工业大学学报.2005(06):763-765页
[65]刘怀,费树岷.基于双优先级的实时多任务动态调度.计算机工程.2005(18):16-18页
[66]刘怀,胡继峰.实时系统的多任务调度.计算机工程.2002(03):43-44+150页
[67]卿斯汉,刘文清,刘海峰.操作系统安全导论.北京:科学出版社,2003:
[68]Q. Ou, F. Luo, K. Huang. High-security system primitive for embedded systems. in 1st International Conference on Multimedia Information Networking and Security, MINES 2009, November 17,2009-November 20,2009. Hubei, China.2009: 319-321P
[69]林建民.嵌入式操作系统技术发展趋势.计算机工程.2001.27(10):4页
[70]吴明桥,陈香兰,张哗等.一种基于服务体/执行流的新型操作系统构造模型.中国科学技术大学学报.2006(02):230-236页
[71]江维.嵌入式操作系统安全机制研究与扩展实现.电子科技大学电子科技大学硕士学位论文.2006
[72]沈松武.嵌入式操作系统安全机制的设计与实现.2008
[73]杨洪路.计算机脆弱性分类的研究.计算机工程与设计;COMPUTER ENGINEERING AND DESIGN.2004.25(7):3页
[74]张永铮.计算机安全弱点及其对应关键技术研究.哈尔滨工业大学博士学位论文.2006
[75]O.H. Alhazmi, Y.K. Malaiya, I. Ray. Measuring, analyzing and predicting security vulnerabilities in software systems. Computers & Security,2007,26(3):219-228P
[76]浦海挺.安全操作系统的体系架构及其实现模型.四川大学四川大学硕士学位论文.2004
[77]佘影.基于Linux系统的安全访问控制策略研究.重庆大学重庆大学硕士学位论文.2007
[78]B. Hennessey, B. Norman, R.B. Wesson. Security simulation for vulnerability assessment, in 2006 40th Annual IEEE International Carnahan Conference on Security Technology, ICCST, October 16,2006-October 19,2006. Lexington, KY, United states.2006:46-50P
[79]C. Lin, C. Chen, C. Laih. A study and implementation of vulnerability assessment and misconfiguration detection, in Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008.445 Hoes Lane-P.O.Box 1331, Piscataway, NJ 08855-1331, United States.2008:1252-1257P
[80]J. Wang, J. Wang, S. Cheng, et al. Software vulnerability detection system based on uniform intermediate representation. Qinghua Daxue Xuebao/Journal of Tsinghua University,2010,50(SUPPL.1):1502-1507P
[81]P.D. Zegzhda, D.P. Zegzhda, M.O. Kalinin. Vulnerabilities detection in the configurations of MS windows operating system, in 3rd International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2005, September 24,2005-September 28,2005. St. Petersburg, Russia. 2005:339-351P
[82]张永铮,方滨兴,迟悦.计算机弱点数据库综述与评价.计算机科学.2006(08):19-21+49页
[83]张涛,胡铭曾,李东等.一种量化的软件弱点评估方法.计算机工程与应用.2005(27):7-9+50页
[84]张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究.通信学报.2004(07):107-114页
[85]J. Liu, J. Wang, Q. Wei, et al. Vulnerability detection based on a dangerous function approach. Qinghua Daxue Xuebao/Journal of Tsinghua University,2010,50(SUPPL 1):1529-1533P
[86]L. Moohun, C. Sunghoon, J. Changbok, et al. A rule-based security auditing tool for software vulnerability detection, in 2006 International Conference on Hybrid Information Technology, ICHIT 2006, November 9,2006-November 11,2006. Cheju Island, Korea, Republic of.2006:505-512P
[87]J. Wang, J. Wang, S. Cheng, et al. Software vulnerability detection system based on uniform intermediate representation. Qinghua Daxue Xuebao/Journal of Tsinghua University,2010,50(SUPPL.1):1502-1507P
[88]P. Zhang, J. Shang, Z. Liang. Application of multi-agent model in vulnerability detection system, in 2007 1st International Symposium on Information Technologies and Applications in Education, ISITAE 2007, November 23,2007-November 25, 2007. Kunming, China.2007:311-314P
[89]X. Zhang, L. Shao, J. Zheng. A novel method of software vulnerability detection based on fuzzing technique, in 2008 International Conference on Apperceiving Computing and Intelligence Analysis, ICACIA 2008, December 13,2008-December 15,2008. Chengdu, China.2008:270-273P
[90]谷增军.基于模糊综合评判的安全风险评估模型及应用.财会通讯.2010(22):122-123页
[91]朱璟,蔡敏,杜义.模糊综合评判决策在软件质量评估中的应用.软件导刊.2010(11):3-4页
[92]T. Aslam. A taxonomy of security faults in the unix operating system. Citeseer.1995
[93]M. Bishop. A taxonomy of unix system and network vulnerabilities.1995, Citeseer
[94]S. Hansman, R. Hunt. A taxonomy of network and computer attacks. Computers & Security,2005,24(1):31-43P
[95]席景科.空间聚类分析及评价方法.计算机工程与设计;COMPUTERENGINEERING AND DESIGN.2009.30(7):4页
[96]张惟皎.聚类质量的评价方法.计算机工程;COMPUTER ENGINEERING.2005.31(20):3页
[97]Y. Huang, L. Ping, X. Pan, et al. Fast exact pattern matching algorithm. Journal of Computational Information Systems,2009,5(1):235-243P
[98]H. Li, X. Li. A time-and space-efficient multi-pattern matching algorithm, in 2nd International Workshop on Education Technology and Computer Science, ETCS 2010, March 6,2010-March 7,2010. Wuhan, Hubei, China.2010:716-719P
[99]C. Linhart, R. Shamir. Faster pattern matching with character classes using prime number encoding. Journal of Computer and System Sciences,2009,75(3):155-162P
[100]J. Yuan, J. Zheng, S. Ding. An improved pattern matching algorithm, in 2010 International Symposium on Intelligent Information Technology and Security Informatics, IITSI 2010, April 2,2010-April 4,2010. Jinggangshan, China.2010: 599-603P
[101]潘超,杨良怀,龚卫华等.模式匹配研究进展.计算机系统应用.2010.19(11)
[102]王丽华.计算机容错系统的体系结构与安全性研究.西南交通大学西南交通大学硕士学位论文.2002
[103]S. Kraemer, R. Leupers, D. Petras, et al. A checkpoint/restore framework for systemc-based virtual platforms.2009:161-167P
[104]李海山.面向恢复的容错计算技术研究.哈尔滨工程大学哈尔滨工程大学博士学位论文.2007
[105]陈斌斌Kylin内核完整性防护技术研究.国防科学技术大学国防科学技术大学硕士学位论文.2007
[106]李霞,郭井龙,吕荣耀Linux中的几种安全防护技术.信息工程大学学报.2004.5(1):4页
[107]任建华.基于主机的文件实时监控技术的研究与实现.南京航空航天大学南京航空航天大学硕士学位论文.2005
[108]T. Ushio, I. Onishi, K. Okuda. Fault detection based on Petri net models with faulty behaviors, in Proceedings of the 1998 IEEE International Conference on Systems, Man, and Cybernetics. Part 1 (of 5), October 11,1998-October 14,1998. San Diego, CA,USA.1998:113-118P
[109]余保明.基于行为的入侵防护技术研究.天津大学天津大学硕士学位论文.2007
[110]谢争.基于检查点的进程级容错设计与研究.哈尔滨工程大学硕士学位论文.2009
[111]门朝光.基于Linux内核的进程检查点系统设计与实现.计算机科学COMPUTER SCIENCE.2009.36(4):4页
[112]A. Duda. EFFECTS OF CHECKPOINTING ON PROGRAM EXECUTION TIME. Information Processing Letters,1983,16(5):221-229P
[113]慈轶为.操作系统内核级检查点技术的研究与实现.哈尔滨工业大学哈尔滨工业大学硕士学位论文.2005
[114]J.T. Daly. A higher order estimate of the optimum checkpoint interval for restart dumps.2006:303-312P
[115]梁蓓.基于WinNT进程检查点技术研究与实现.2004
[116]印杰.复杂失效分布下的动态检查点设置.小型微型计算机系统;JOURNAL OF CHINESE COMPUTER SYSTEMS.2010.31(4):7页
[117]B. Schroeder, G.A. Gibson. A large-scale study of failures in high-performance computing systems, in DSN 2006:2006 International Conference on Dependable Systems and Networks, June 25,2006-June 28,2006. Philadelphia, PA, United states. 2006:249-258P
[118]H. Okamura, Y. Nishimura, T. Dohi. A dynamic checkpointing scheme based on reinforcement learning, in Proceedings-10th IEEE Pacific Rim International Symposium on Dependable Computing, March 3,2004-March 5,2004. Papeete Tahiti, French polynesia.2004:151-158P
[119]Y. Wang, S. Gao, Z. Jia, et al. Make a strategic decision using Markov for dynamic checkpoint interval. in IEEE 9th International Conference on Computer and Information Technology, CIT 2009, October 11,2009-October 14,2009. Xiamen, China.2009:197-202P
[120]A.J. Oliner, L. Rudolph, R.K. Sahoo. Cooperative checkpointing:A robust approach to large-scale systems reliability, in 20th Annual International Conference on Supercomputing, ICS 2006, June 28,2006-July 1,2006. Cairns, Queensland, Australia.2006:14-23P
[121]Y. Liu, R. Nassar, C. Leangsuksun, et al. An optimal checkpoint/restart model for a large scale high performance computing system, in IPDPS 2008-22nd IEEE International Parallel and Distributed Processing Symposium, April 14,2008-April 18,2008. Miami, FL, United states.2008:IEEE Computer Society Technical Committee on Parallel ProcessingP
[122]王健.容错系统中实时任务调度和负载均衡算法研究.浙江大学计算机科学与技术学院浙江大学博士学位论文.2009
[123]S. Pengfei, Z. Min, L. Yanfei. Study of algorithms of real-time scheduling with fault-tolerance in small satellite on-board computer systems, in 6th World Congress on Intelligent Control and Automation, WCICA 2006, June 21,2006-June 23,2006. Dalian, China.2006:2949-2953P
[124]刘如华.嵌入式安全实时操作系统调度策略研究.2009
[125]罗钧,吴志,Jun L.等.嵌入式系统动态策略任务调度算法.重庆大学学报(自然科学版).2008.31(7):5页
[126]H.U. Zhi-gang, H.U. Zhou-jun. Workflow Task Scheduling Algorithm Based on Multi-QoS Objective [J]. Computer Engineering,2008,34(10):126-128P
[127]汪芸,谢俊清,沈卓炜等.实时CORBA技术综述.东南大学学报(自然科学版).2002.32(3):7页
[128]邢建生,王永吉,刘军祥等.一种静态最少优先级分配算法.软件学报.2007.18(7):11页
[129]C. Yang, G. Deconinck, W. Gui. Fault-tolerant scheduling for real-time embedded control systems. Journal of Computer Science and Technology,2004,19(2):191-202P
[130]C. Pinello, L.P. Carloni, A.L. Sangiovanni-Vincentelli. Fault-tolerant distributed deployment of embedded control software. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2008,27(5):906-919P