• IEMEK Journal of Embedded Systems and Applications
• /
• v.2 no.3
• /
• pp.145-154
• /
• 2007

Dynamic update of kernel can change kernel functionality and fix bugs in runtime. Dynamic update is important because it leverages availability, reliability and flexibility of kernel. An instruction-granularity update technique has been used for dynamic update. However, it is difficult to apply update technique for a commodity operating system kernel because development and maintenance of update code must be performed with assembly language. To overcome this difficulty, we design the function-granularity dynamic update system which uses high-level language such as C language. The proposed update system makes the development and execution of update convenient by providing the development environment for update code which is same for kernel development. We implement this system for Linux and demonstrate an example of update for do_coredump() function which is reported it has a vulnerable point for security. The update was successfully executed.

• The KIPS Transactions:PartA
• /
• v.13A no.3 s.100
• /
• pp.199-204
• /
• 2006

The kernel hardening function is necessary in terms of kernel stability to reduce the system error or panic due to the kernel code error that is made by program developer. But, the traditional kernel hardening method is difficult to implement and consuming high cost. The suggested kernel hardening function that makes high availability system by changing the panic() function of inside kernel code guarantees normal system operation by recovering the incorrect address of the kernel stack frame. We experimented the kernel hardening function at the network module of the Linux by forcing panic code and confirmed the proposed design mechanism of kernel hardening is working well by this experiment.

• Review of KIISC
• /
• v.8 no.4
• /
• pp.63-76
• /
• 1998

미국을 비롯한 정보보호 기술 선진국에서는 일반 기업은 물론 정부 차원에서 안전한 운영체제(Secure Operating System) 개발에 적극적으로 나서고 있다. 운영체제 기술 발전의 흐름에 따라 안전한 운영체제 또한 기존의 IK(Integrated Kernel)방식도다는 MK(Micro Kernel)방식으로 DTOS(Distriibuted Trusted Operating System) 프로토타입(protorype)구현을 끝으로 종료된 Synergy연구 과제의 후속으로 현재 Flask 프로젝트가 진행 중이다. Flask커널 역시 이러한 MK를 기반으로 하고 있으며 현재 Flask 보안 커널 개발 프로젝트는 Flux연구 과제의 주요 주제 중 하나로 진행중이다. DTOS연구 과제의 명맥을 잇는 Flask젝트는 보안 커널에 대한 적극적이고 지속적인 미국 정부차원의 노력인 것이다. 본 논문에서는 주요 정보통신 기반 구조의 보호를 위한 보안 커널 (Security Kernel) 개발 동향을 파악하기 위해 현재 미국에서 진행중인 보안커널 개발 동향 및 연구 내용에 대해 분석한다.

• Management Science and Financial Engineering
• /
• v.2 no.1
• /
• pp.1-18
• /
• 1996

FMS operating system consists of several subsystems in general. i.e. tool grouping subsystem. tool/job assignment subsystem. job dispatching subsystem, and papers dealing with each subsystem were published by many researchers [1], [4], [6], [8], [9], [10], [11], [12], [13], [14], [15], [16]. This paper mainly discusses about tool/job assignment subsystem as a job loading procedure. that occupies the kernel position of overall FMS operating system. Its performance is evaluated through simulation experiments of an integrated operating system under a typical FMS hardware configuration implemented in many machining factories, which is composed of the proposed procedure as well as a job dispatching procedure including several heuristic dispatching rules in terms of rule-base.

• The KIPS Transactions:PartA
• /
• v.8A no.4
• /
• pp.385-390
• /
• 2001

In this paper, we describe a blocking method of buffer overflow attack for secure operating system. Our team developed secure operating system using MAC and ACL access control added on Linux kernel. We describe secure operating system (SecuROS) and standardized Secure utility and library. A working prototype able to detect and block buffer overflow attack is available.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.5
• /
• pp.961-969
• /
• 2004

A panic state is often caused by careless computer control. It could be also caused by a kernel programmer's mistake. It can make a big problem in computer system when it happens a lot. When a panic occurs, the process of the panic state has to be checked, then if it can be restored, operating system restores it, but if not, operating system runs the panic function to stop the system in the kernel hardening O.S. To decide recovery of the process, the type of the panic for the present process should be checked. 1'he value type and the address type have to restore the process. If the system process is in a panic state, the system should be designed to shutdown hardening function In the Linux operating system. So it has to decide whether the process should be restored or not before going to the panic state.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.693-698
• /
• 2009

Computer system to operate normally without interruption, is one of the important issues. Likewise, a computer system to operate without interruption, failure to endure a variety of techniques, development and commercial use is arranged. Most guards will take a lot of technique failure endure. In this paper on the Linux operating system, dynamic module (DLM) to connect using the USB device to use USB devices can cause the symptoms to reduce the kernel PANIC hadeuning technique for studying the kernel.

• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.1181-1184
• /
• 2005

In this paper, we proposed small scale real-time operating system for embedded system. Real-time system is characterized by the severe consequences that result if logical as well as timing correctness properties of system are not met. On real-time system, real-time operating system allows real-time applications to be designed and expanded easily. Functions can be added without requiring major changes to the software. We design small scale real-time operating system for preemptive kernel, and design kernel component such as multitasking, scheduler, task priority, semaphore, inter-task communication, clock tick timer, ISR(Interrupt Service Routine) mechanism has low interrupt latency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.1
• /
• pp.173-180
• /
• 2007

This paper designs the kernel hardening function by recovering the kernel stack fame to reduce the system error or panic due to the kernel code error. The suggested kernel hardening function guarantees normal system operation by recovering the incorrect address of the kernel stack kernel. The suggesting kernel hardening mechanism is applied to the network module of Linux which is much using put. I experimented the kernel hardening function at the network module of the Linux by forcing panic code.

• Journal of Institute of Control, Robotics and Systems
• /
• v.3 no.4
• /
• pp.373-380
• /
• 1997

In order to implement the real-time operating systems for robot controller, this paper proposes a systematic method for implementing the real-time kernel under the DOS environment. So far, we designed the robot control software and its own operating system simultaneously. Though robot operating systems have simple structure, it allows the developer to have a surplus time and effort to implement complete robot systems. In addition to this, in most cases of this type, operating systems does not support multitasking function, thus, low level hardware interrupts are used for real-time execution. Subsequently, some kinds of real-time tasks are hard to implement under this environment. Nowadays, the operating systems for robot controller requires multitasking functions, intertask communication and task synchronization mechanism, and rigorous real-time responsiveness. Thus, we propose an effective and low costs real-time systems for robot controller satisfying the various real-time characteristics. The proposed real-time systems are verified through real implementation.