Utilizing Fault Containment to Construct a Survivable Network Security Device Kernel

Fault containment is proposed to construct a survivable kernel of the network security device based on the IBM virtual machine.This is accomplished by setting up an efficient resource manager to supply physical resources to the virtual machine and to balance other performance requirements.Software and hardware fault containment technology is used to protect against system attacks,and avoid a system breakdown from a single fault.Model and tests prove this idea and the overheads are almost negligible.