• The KIPS Transactions:PartA
• /
• v.11A no.3
• /
• pp.139-148
• /
• 2004

The number of applications of small embedded systems such as PDAs, electronic note books, etc. based on Kinux, have increased. Due to the monolithic characteristic of Linux kernel, it is not suitable to satisfy the various kinds of embedded application requirement. To assist the shortcoming of monolithic kernel, we implement uJFFS 113th file system as an application program process which runs in user space. This solution consists of a file system and a flash device driver, and makes Linux kernel smaller by separating the file system from the kernel. uJFFS consists of ujffs_fs that plays a part of file system and ujffs_drv that controls a flash device. Which provides the same user interface as Linux does. A Device driver for the physical device is implemented in user pace, which prevents kernel failures from file system errors. So uJFFS can increase stability of the system.

• Journal of KIISE:Software and Applications
• /
• v.36 no.7
• /
• pp.523-530
• /
• 2009

Despite the growing need for customized operating system kernels for embedded devices, kernel development continues to suffer from insufficient reliability and high testing cost for several reasons such as the high complexity of the kernel code. To alleviate these difficulties, this study proposes the MOdel-based KERnel Testing (MOKERT) framework for detection of concurrency bugs in the kernel. MOKERT translates a given C program into a corresponding Promela model, and then tries to find a counter example with regard to a given requirement property, If found, MOKERT executes that counter example on the real kernel code to check whether the counter example is a false alarm or not, The MOKERT framework was applied to the Linux proc file system and confirmed that the bug reported in a ChangeLog actually caused a data race problem, In addition, a new data race bug in the Linux proc file system was found, which causes kernel panic.

• The KIPS Transactions:PartA
• /
• v.12A no.5 s.95
• /
• pp.375-384
• /
• 2005

General purpose operating systems are Increasingly being used for serving time-sensitive applications. These applications require soft real-time characteristics from the kernel and from other system-level services. In this paper, we explore various operating systems techniques needed to support time-sensitive applications and describe the design of MUSMA(Multi-level Scheduler for Multimedia Application). MUSMA is a framework that combination of user-level top scheduler and kernel-level bottom scheduler. We develope MUSMA in linux environment and it's performance is evaluated. Experiment result shows that it is possible to satisfy the constraints of multimedia in a general purpose operating system without significantly compromising the performance of non-realtime applications.

• Proceedings of the KAIS Fall Conference
• /
• 2002.05a
• /
• pp.239-242
• /
• 2002

현재 컴퓨터를 사용하는 대부분의 회사들은 서버를 보유하고 있다. 서버의 규모가 클 수도 있고, 작을 수도 있지만 규모에 상관없이 운영체제(Operating System)를 사용하고 클라이언트에서 처리가 불가능하거나 곤란한 데이터를 처리하는 역할을 맞고 있다. 하지만 작업이 정밀화되고 처리량이 많아지면서 서버의 성능 증가를 필요로 하게 되었고, 그렇다고 비싼 가격의 서버를 무한정 증설 할 수도 없기 때문에 분산시스템이 나타나게 되었다. 이 논문이 다루고자하는 내용은 현재 사용하고 있는 시스템을 알아보고 시스템에 극소화커널분산시스템의 개념을 도입하여 서버를 설계하고 연구하는데 있다.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.79-86
• /
• 2004

In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This Paper Proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator These data will going to utilize to computer forensics' data that legal confrontation is Possible.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.3
• /
• pp.26-33
• /
• 2017

Recently container technologies have been receiving attention for efficient use of the cloud platform. Container virtualization technology has the advantage of a highly portable, high density when compared with the existing hypervisor. Container virtualization technology, however, uses a virtualization technology at the operating system level, which is shared by a single kernel to run multiple instances. For this reason, the feature of container is that the attacker can obtain the root privilege of the host operating system internal the container. Due to the characteristics of the container, the attacker can attack the root privilege of the host operating system in the container utilizing the vulnerability of the kernel. In this paper, we propose a framework for efficiently detecting and responding to root privilege attacks of a host operating system in a container. This framework uses a memory trap technique to detect changes in a specific memory area of a container and to suspend the operation of the container when it is detected.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.3
• /
• pp.143-152
• /
• 2002

As the multimedia application becomes ubiquitous, the size of message used for Inter Process Communication (IPC) grows up to cope with the requirements of multimedia applications. And the rapid development of new hardware platforms makes the portability of operating system more important. But the traditional micro-kernel operating system is Implemented platform dependently for better performance, and especially focused on handling short message. In this paper, we present the design and implementation of IPC mechanism in M3K (MultiMedia Micro-Kernel) to address the above problems. Our IPC mechanism provides enhanced performance and efficiently handles large message without performance degrading.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.9 no.3
• /
• pp.183-191
• /
• 2014

The software running on avionic system is required to be highly reliable and productive. The air transport industry has developed ARINC Specification 653(ARINC653) as a standardized software requirement of avionics computers. The document specifies the interface boundary between avionics application software and the core executive software. Dependability in ARINC 653 is provided by spatial and temporal partitioning whilst fault-tolerance is provided by health monitoring mechanism. Legacy real-time operating systems are used to support ARINC653 health monitor on integrated modular avionics(IMA). However, legacy real-time operating systems are costly and difficult to modify the kernel. In this paper, we suggest a Linux-based ARINC653 health monitor. Functionalities to support ARINC653 health monitor are implemented as a Linux kernel module and its performance is evaluated.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.8
• /
• pp.1435-1442
• /
• 2006

The ideal method of safety evaluation is to verify results of execution against all possible operations within operating system, but it is impossible. However, the formal method can theoretically prove the safety on actual logic of operating system. Therefore we explain the contents of the art of the safety verification of security kernel, and make a comparative study of various standardized formal verification tools. And then we assigned PVS(Prototype Verification system) of SRI(Stanford Research Institute) to verify the safety of a modified BLP(Bell & LaPadula) model, the core access control model of multi-lavel based security kernel. Finally, we describe formal specification of the revised BLP model using the PVS, and evaluate the safety of the model by inspecting the specification of the PVS.

• Transactions of the Korean Society of Automotive Engineers
• /
• v.17 no.3
• /
• pp.127-141
• /
• 2009

While the ever-increasing complexity of automotive software systems can be effectively managed through the adoption of a reliable real-time operating system (RTOS), it may incur additional resource usage to a resultant system. Due to the mass production nature of the automotive industry, reducing physical resources used by automotive software is of the utmost importance for cost reduction. OSEK OS is an automotive real-time kernel standard specifically defined to address this issue. Thus, it is very important to develop and exploit kernel mechanisms such that they can achieve minimal resource usage in the OSEK OS implementation. In this paper, we analyze the task subsystem, resource subsystem, application mode and conformance classes of OSEK OS as well as the OSEK Implementation Language (OIL). Based on our analysis, we in turn devise and implement kernel mechanisms to minimize the dynamic memory usage of the OSEK OS implementation. Finally, we show that our mechanisms effectively reduce the memory usage of OSEK OS and applications.