Study On Trusted Access Control And Security Evaluation Technology Of Integrated Modular Avionics

With the rapid development of avionics systems,the original independent,joint avionics system has been unable to meet the modern complex military and civilian needs,integrated avionics system(IMA)has become the focus of attention.Reducing SWaP(size,weight and power consumption)has become the primary goal of IMA.Today,with the IMA's functional enhancements and performance improvements,resulting in increased software size and complexity,the need for more resources.The development of microelectronics Moore's Law makes the performance of a single processor greatly improved,so that many different levels of tasks can share the same processor,a high degree of sharing of resources to become one of the characteristics of integrated avionics system.High degree of integration in the reduction of SWaP at the same time,integrated avionics subsystems between the various subsystems of mutual communication,a high degree of sharing of resources,data fusion and so there is a huge information security risks.In order to ensure the security of avionics system,the safety technology research and safety evaluation of integrated avionics information system has become the hotspot in the world.In addition to information security attributes,the integrated avionics system also has real-time,flight safety,certainty,reliability and other important attributes.This paper focuses on the safety technology,safety assessment and credibility of integrated avionics systems.Including: integrated avionics system security technology;integrated avionics system security assessment methods;integrated avionics system based on trusted computing access control and integrated avionics system software credibility assessment.The main contributions of this paper can be:(1)According to the information security problem of integrated avionics system,the security requirements of integrated avionics system are analyzed,the architecture of integrated avionics system security management is given,and the integrated avionics system information security technology,Including key management,message authentication,message / data encryption and decryption,access control and data erasure.In this paper,we focus on the elliptic curve cryptography algorithm ECC,and aim at the algorithm to calculate the midpoint multiplication time.We use the FPGA method to realize the ECC processor,which makes the acceleration effect been achieved in the parallelization of the bit level.The processor completed the ECC encryption and decryption of all the process,support 113,163,193 and other key length.In order to meet the security of partition communication and the strict control of partition level,the MILS IOP is proposed as a part of real-time CORBA to realize multi-level security partition communication mechanism of MILS CORBA architecture in order to meet the security of partitioned communication and multi-level security partition.The mechanism can guarantee that different levels of data can be safely and independently transmitted,but also to ensure the overall security of the system.(2)for the existence of traditional access control problems,here based on a trusted computing platform,the use of trusted computing technology to build a trusted integrated avionics system access control,and focus on trusted hardware and trusted technology Access control was studied.In this paper,by referring to the design idea of BLP model and BIBA model,an access control model which can guarantee integrity and confidentiality is proposed,which enhances the trustworthy security of integrated avionics system(3)Aiming at the traditional common standard evaluation CC,this paper proposes a MILS security evaluation method based on AHP and gray level correlation analysis GRAP in CC framework.This new method overcomes the shortcomings of CC evaluation and realizes the quantitative description of MILS system security.This method is used to evaluate the MILS system and the results show that the EAL4 level can be reached.(4)In order to ensure the credibility of the integrated avionics system software,the definition of the software reliability of the integrated avionics system based on the multi-dimensional attribute and the formalization and description method of the multi-dimensional trusted attribute are proposed.On this basis,the quantitative index system,the measurement mechanism and the verification method of the trusted attribute of the integrated avionics system software are given.Especially the software code static measurement method based on trusted computing thought and the dynamic measurement and verification method based on software behavior attribute.Under the credible index system,the evaluation method and model of the integrated avionics system software are given.