The aim of the thesis is to propose measures for introducing security into the architecture of a modern Real-Time Operating System (RTOS), in the sense of allowing Multiple Levels of Security (MILS). This covers both the security of the RTOS itself (authentication of the kernel, updates, drivers, services, …) and the secure management of applications (for example: registration of a new application, update and upgrade of applications, and execution of applications), as well as the security of data inside applications. The student would study the HIPPEROS architecture and propose, based on the state of the art in secure operating systems, how to integrate such an architecture smoothly into the existing HIPPEROS development process. The study should allow developers to implement the proposed architecture in the operating system practically and easily.
One of the challenges is to define a predictable real-time architecture. An interesting aspect of the proposed work is that it spans several domains of computer science: operating systems, real-time systems and security.