Safety and Security Architectures for Avionics

In computer systems, commercial off-the-shelf (COTS) components offer extended functionalities for a reasonable cost, and consequently have an important economic advantage. However, such components are hard to integrate into critical systems because of the integrity requirements placed on such systems. To alleviate this problem, we consider the use of Totel’s integrity model (Totel et al., 1998), a model for managing multiple levels of integrity and allowing the use of fault tolerance techniques to validate information flow from low integrity components to high integrity ones. We propose the use of virtualization as a means to diversify COTS components running on the same physical machine and to control information flow on this machine.
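As an added illustration (not code from the paper), the following Python model shows the two kinds of flow the abstract distinguishes: a direct flow, which must never raise the integrity of data, and a flow promoted through a validation object that votes over diversified replicas hosted in separate isolation domains. The numeric levels, the domain names (virtual machines) and the majority quorum are assumptions made here for the example.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Any, Optional, Sequence


@dataclass(frozen=True)
class Labeled:
    """A piece of data tagged with the integrity level of its producer."""
    value: Any
    level: int      # higher = more trusted (assumed numeric scale)
    domain: str     # isolation domain that produced it, e.g. a VM name (constructed)


class FlowViolation(Exception):
    """Raised when the integrity policy forbids a flow."""


def direct_flow(src: Labeled, dst_level: int) -> Labeled:
    """Unvalidated flow: allowed only from equal-or-higher integrity to lower
    (the classic 'no read down' rule). Data never gains integrity this way."""
    if src.level < dst_level:
        raise FlowViolation(f"direct flow {src.level} -> {dst_level} denied")
    return Labeled(src.value, min(src.level, dst_level), src.domain)


def validated_flow(replicas: Sequence[Labeled], dst_level: int,
                   quorum: Optional[int] = None) -> Labeled:
    """Flow through a validation object: outputs of diversified low-integrity
    replicas are compared, and only a value backed by a quorum of replicas
    from distinct isolation domains is promoted to dst_level."""
    if not replicas:
        raise FlowViolation("no replica output to validate")
    domains = {r.domain for r in replicas}
    if len(domains) != len(replicas):
        # one compromised domain must not be able to cast several votes
        raise FlowViolation("replica outputs are not diversified across domains")
    needed = quorum if quorum is not None else len(replicas) // 2 + 1
    value, votes = Counter(r.value for r in replicas).most_common(1)[0]
    if votes < needed:
        raise FlowViolation(f"only {votes}/{len(replicas)} replicas agree; need {needed}")
    return Labeled(value, dst_level, "validation-object")
```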

[1] Yves Deswarte et al. Supporting multiple levels of criticality. 1998, Digest of Papers, Twenty-Eighth Annual International Symposium on Fault-Tolerant Computing (Cat. No. 98CB36224).

[2] David D. Clark et al. A Comparison of Commercial and Military Computer Security Policies. 1987, IEEE Symposium on Security and Privacy.

[3] Hoyt Lougee et al. Software Considerations in Airborne Systems and Equipment Certification. 2001.

[4] K. J. Biba. Integrity considerations for secure computer systems. 1977.

[5] Bruno d'Ausbourg et al. Implementing Secure Dependencies over a Network by Designing a Distributed Security SubSystem. 1996, Journal of Computer Security.

[6] Carl E. Landwehr et al. Basic concepts and taxonomy of dependable and secure computing. 2004, IEEE Transactions on Dependable and Secure Computing.