Article: 2024, Vol. 42, Issue 1: 45-52
Cite this article:
YANG Huan, WANG Xiaodong, LI Geng, ZHANG Shuang, GUO Yangming. Safety assessment of virtualization computing platform for avionics system of civil aircraft[J]. Journal of Northwestern Polytechnical University

Safety assessment of virtualization computing platform for avionics system of civil aircraft
YANG Huan¹, WANG Xiaodong¹, LI Geng¹, ZHANG Shuang², GUO Yangming³
1. School of Computer Science, Northwestern Polytechnical University, Xi'an 710072, China;
2. Xi'an Aeronautical Computing Technique Research Institute, Xi'an 710068, China;
3. School of Cybersecurity, Northwestern Polytechnical University, Xi'an 710072, China
Abstract:
Virtualization raises several issues that affect the safety of airborne computing platforms, chiefly time-space isolation, fault isolation and schedulability. Addressing these, this paper studies safety level evaluation for airborne computing platforms in a virtualized environment. Taking the characteristics of virtualized avionics systems into account, it proposes a safety calculation method based on the analytic hierarchy process (AHP) and gray correlation analysis (GARD). A safety evaluation decision tree for the airborne virtualization computing platform is established, the weight of each safety capability is calculated with the AHP method, and an overall safety score for the system is given. On this basis, combined with the GRAP method and with reference to avionics system safety assessment, the safety level that best matches the test system against the DAL safety level requirements is calculated, realizing safety grade evaluation of airborne computing platforms in a virtualized environment.
Key words: civil aircraft; computing platform; virtualization; functional safety; analytic hierarchy process
Received: 2023-03-20     Revised:
DOI: 10.1051/jnwpu/20244210045
Corresponding author: GUO Yangming (1978-), professor. E-mail: yangming_g@nwpu.edu.cn
About the author: YANG Huan (1990-), doctoral candidate
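
The two-stage idea in the abstract (AHP weights for each safety capability, then gray relational matching against DAL requirements) can be sketched as follows. This is an added illustration, not the authors' implementation or data: the pairwise matrix, the measured scores, the per-DAL reference profiles, the geometric-mean weighting and the resolution coefficient 0.5 are all assumptions constructed here.

```python
import math

# Constructed inputs (not from the paper): three safety capabilities named in
# the abstract, a pairwise-comparison matrix, and per-DAL reference profiles.
CRITERIA = ["time-space isolation", "fault isolation", "schedulability"]
PAIRWISE = [[1, 2, 3],
            [1/2, 1, 2],
            [1/3, 1/2, 1]]
DAL_PROFILES = {"A": [0.98, 0.97, 0.95], "B": [0.92, 0.88, 0.85],
                "C": [0.80, 0.75, 0.70], "D": [0.60, 0.55, 0.50]}
MEASURED = [0.90, 0.86, 0.80]           # constructed test-system scores in [0, 1]
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12}  # Saaty's RI table

def ahp_weights(matrix):
    """Return (weights, consistency_ratio) using the row geometric-mean method."""
    n = len(matrix)
    gm = [math.prod(row) ** (1 / n) for row in matrix]
    weights = [g / sum(gm) for g in gm]
    # Estimate lambda_max from (A w)_i / w_i, then CI and CR.
    aw = [sum(a * w for a, w in zip(row, weights)) for row in matrix]
    lam = sum(x / w for x, w in zip(aw, weights)) / n
    ci = (lam - n) / (n - 1)
    cr = ci / RANDOM_INDEX[n] if RANDOM_INDEX[n] else 0.0
    return weights, cr

def gray_relational_grades(measured, profiles, weights, rho=0.5):
    """Weighted gray relational grade of `measured` against each reference profile."""
    deltas = {k: [abs(m - r) for m, r in zip(measured, ref)]
              for k, ref in profiles.items()}
    flat = [d for ds in deltas.values() for d in ds]
    d_min, d_max = min(flat), max(flat)
    if d_max == 0:                       # measured equals every profile
        return {k: 1.0 for k in profiles}
    return {k: sum(w * (d_min + rho * d_max) / (d + rho * d_max)
                   for w, d in zip(weights, ds))
            for k, ds in deltas.items()}

def best_matching_dal(measured=MEASURED):
    weights, cr = ahp_weights(PAIRWISE)
    if cr >= 0.1:                        # Saaty's usual acceptance threshold
        raise ValueError(f"pairwise matrix too inconsistent (CR={cr:.3f})")
    grades = gray_relational_grades(measured, DAL_PROFILES, weights)
    return max(grades, key=grades.get), grades

if __name__ == "__main__":
    level, grades = best_matching_dal()
    print(level, {k: round(v, 3) for k, v in grades.items()})
```

The consistency-ratio check matters in practice: a pairwise matrix with contradictory expert judgments produces weights that look plausible but should not feed the level-matching step.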
