• Journal of Institute of Control, Robotics and Systems
• /
• v.14 no.11
• /
• pp.1117-1123
• /
• 2008

This paper implements dual-kernel system using standard Linux and real-time embedded Linux for the real-time control of intelligent robot systems. Such system provides more useful services including standard Linux thread that is easy to implement complicated tasks and real-time tasks for the deterministic response to velocity control. Here, an open source real-time embedded Linux, XENOMAI, is ported on embedded target board. And for interfacing with motor controller we adopted a real-time serial device driver. The real-time task was implemented with a priority to keep the cyclic control command for trajectory control. In order to validate deterministic response of the proposed system, the performance measurement of the delay in performing trajectory control with feedback loop is evaluated with non real-time standard Linux. The proposed software architecture is anticipated to take advantage of features in both standard Linux and real-time operating systems for the intelligent robot systems.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.340-347
• /
• 2001

Security operating system applied to MAC(Mandatory Access Control) or to MLS(Multi Level Security) gives both subject and object both Security Level and value of Category, and it restrict access to object from subject. But it violates Security policy of system and could be a circulated course of illegal information. This is correctly IPC(Interprocess Communication)mechanism and Covert Channel. In this thesis, I tried to design and implementation as OS kernel in order not only to give confidence of information circulation in the Security system, but also to defend from Covert Channel by Storage and IPC mechanism used as a circulated course of illegal information. For removing a illegal information flow by IPC mechanism. I applied IPC mechanism to MLS Security policy, and I made Storage Covert Channel analyze system call Spec. and than distinguish Storage Covert Channel. By appling auditing and delaying, I dealt with making low bandwidth.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2093-2096
• /
• 2003

Trusted operating systems (OS) provide the basic security mechanisms and services that allow a computer system to protect, distinguish, and separate classified data. Trusted operating systems have been developed since the early 1980s and began to receive National Security Agency (NSA) evaluation in 1984. The researches about trusted OS are proceeding over the world, and new product type using the loadable security kernel module (LSKM) or dynamic link library (DLL) is being developed. This paper proposes a special type of product using LSKM and specific conditions for operational environment should be assumed.

• ETRI Journal
• /
• v.46 no.3
• /
• pp.501-512
• /
• 2024

With an explosive increase of data produced annually, researchers have been attempting to develop solutions for systems that can effectively handle large amounts of data. Single-operating-system (OS) non-uniform memory access (NUMA) abstraction technology is an important technology that ensures the compatibility of single-node programming interfaces across multiple nodes owing to its higher cost efficiency compared with scale-up systems. However, existing technologies have not been successful in optimizing user performance. In this paper, we introduce a single-OS NUMA abstraction technology that ensures full compatibility with the existing OS while improving the performance at both hypervisor and guest levels. Benchmark results show that the proposed technique can improve performance by up to 4.74× on average in terms of execution time compared with the existing state-of-the-art opensource technology.

• Annual Conference of KIPS
• /
• 2006.05a
• /
• pp.1359-1362
• /
• 2006

본 논문은 리눅스 커널 운영체제에서 커널 개발자의 실수나 의도하지 않은 오류 및 시스템 오류로 인하여 발생되는 시스템 정지 현상을 줄이기 위한 커널 하드닝 기능을 설계한다. 본 논문에서 제안하는 커널 하드닝 기능은 문제가 발생한 커널 부분을 수행 중인 프로세스에 대한 동작을 정지시키는 기능과 오류가 발생한 코드에 대한 변수 값이나 주소 값이 가진 특정한 값을 복구시키는 기능을 가진다. 커널 하드닝 기능에서 문제가 있는 모든 프로세스를 무조건 복구하는 것이 아니라 복구 가능성을 판별하여, 복구 가능한 프로세스에 대해서만 복구 될 수 있도록 한다. 또한 오류가 발생한 커널 코드에 대해서 복구 가능한 경우에는 ASSERT() 함수에서 복구가 가능하도록 설계하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.424-426
• /
• 2002

최근 임베디드 운영체제의 중요성이 부각되지만, 임베디드 운영체제의 개발자는 매우 열악한 상황이다. 이에 본 논문에서는 쉽게 접할 수 있는 임베디드 운영체재인 legOS를 소개하고 커널을 분석해보며, legOS의 커널 수정을 통해 RCX간의 통신 수단인 적외선 통신의 한계점을 개선하여, 적외선 통신이 불가능한 RCX간에도 통신이 가능하도록 Routing 기능을 구현하도록 한다.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.6
• /
• pp.678-682
• /
• 2010

Compressed filesystem is frequently used in the embedded system to increase cost efficiency. One of the drawbacks of compressed filesystem is low read performance. Moreover, read-ahead mechanism that improves the read throughput of storage device has negative effect on the read performance of compressed filesystem, increasing read latency. Main reason is that compressed filesystem has too big read-ahead miss penalty due to decompression overhead. To solve this problem, this paper proposes new read technique considering kernel read-ahead mechanism for compressed filesystem. Proposed technique improves read throughput of device by bulk read from device and reduces decompression overhead of compressed filesystem by selective decompression. We implement proposed technique by modifying CramFS and evaluate our implementation in the Linux kernel 2.6.21. Performance evaluation results show that proposed technique reduces the average major page fault handling latency by 28%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.77-91
• /
• 2019

Recent Linux operating systems having been increasingly used, ranging from automotive consoles, CCTV, IoT devices, and mobile devices to various versions of the kernel. Because these devices can be used as strong evidence in criminal investigations, there is a risk of destroying evidence through file deletion. Ext filesystem forensics has been studied in depth because it can recovery deleted files without depending on the kind of device. However, studies have been carried out without consideration of characteristics of file system which may vary depending on the kernel. This problem can lead to serious situations, such as those that can impair investigative ability and cause doubt of evidence ability, when an actual investigation attempts to analyze a different version of the kernel. Because investigations can be performed on various distribution and kernel versions of Linux file systems at the actual investigation site, analysis of the metadata changes that occur when files are deleted by Linux distribution and kernel versions is required. Therefore, in this paper, we analyze the difference of metadata according to the Linux kernel as a solution to this and recovery deleted file. After that, the investigating agency needs to consider the metadata change caused by the difference of Linux kernel version when performing Ext filesystem forensics.

• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.55 no.3
• /
• pp.131-137
• /
• 2006

The secondary system of nuclear power plants consists of sophisticated piping systems operating in very aggressive erosion and corrosion environments, which make a piping system vulnerable to the wear and degradation due to the several chemical components and high flow rate (~10 m/sec) of the coolant. To monitor the wear and degradation on a pipe, the vibration signals are measured from the pipe with an accelerometer For analyzing the vibration signal the time-frequency analysis (TFA) is used, which is known to be effective for the analysis of time-varying or transient signals. To reduce the inteferences (cross-terms) due to the bilinear structure of the time-frequency distribution, an adaptive cone-kernel distribution (ACKD) is proposed. The cone length of ACKD to determine the characteristics of distribution is optimally selected through an adaptive algorithm using the normalized Shannon's entropy And the ACKD's are compared with the results of other analyses based on the Fourier Transform (FT) and other TFA's. The ACKD shows a better signature for the wear/degradation within a pipe and provides the additional information in relation to the time that any analysis based on the conventional FT can not provide.