The safety of the system involves two different types of problems: one involves technology, management, law, morality and politics;The other involves the security mechanism of the operating system.With the expansion of computer application scope, the security of the system is guaranteed from multiple levels in all systems of a slightly larger scale.Generally, files are managed from four levels: system level, user level, directory level, and file level.The system level is relative to the user level or other levels, and refers to the level of managing files or programs.
System level refers to the level of managing documents or procedures.Generally, it is the highest level in the system and has special permissions.For example, in system security, the main task of system level security management is not to allow unverified users to enter the system, so as to prevent others from illegally using various resources (including files) in the system.The main measures of system level management include: registration and login, access control technology[1]。
System security
Announce
edit
Contents of system security
System security includes three aspects, namely physical security, logical security and security management.Physical security refers to the physical protection of system equipment and related facilities from damage or loss.Security management includes various security management policies and mechanisms.Logical security refers to the security of information resources in the system, which includes the following three aspects.
(1) Data Secrecy: It refers to keeping confidential data in a confidential state and only allowing authorized users to access information in the computer system (including information in display and print files).
(2) Data Integrity: Unauthorized users cannot modify the information saved in the system without authorization, and can maintain the consistency of the data in the system.The modifications here include creating and deleting files, adding new content to files, and changing the original content.
(3) System Availability: refers to that the normal requests of authorized users can be served or responded in a timely, correct and secure manner.In other words, the resources in the computer can be accessed by authorized users at any time, and the system will not refuse service.However, system denial of service is easy to occur in the Internet, because sending requests to a server continuously may paralyze the server, so that the system cannot provide services, which is manifested as denial of service.
Nature of system security
The system security problem involves a wide range of aspects. It is not only related to the security performance of the hardware and software equipment used in the system, but also related to the method used to construct the system, which leads to a more complex nature of the system security problem, mainly shown in the following points:
(1) Multifaceted.In large-scale systems, there are usually multiple risk points, which include physical security, logical security and security management. Any problem in any aspect may cause security accidents.
(2) Dynamic.Due to the continuous development of information technology and the endless attack means of attackers, the security problems of the system are dynamic.For example, information that is critical today may lose its role tomorrow, while new critical information may be generated at the same time;For another example, today is the attack method used by most attackers, but tomorrow is less used, and another new attack method has emerged.The dynamic nature of system security makes it impossible for people to find a solution that can solve the security problem once and for all.
(3) Hierarchy.System safety is a complex problem involving many aspects, so it needs to be solved by system engineering.Like large-scale software engineering, the hierarchical approach is usually used to solve system security problems. The functions of system security are organized in a hierarchical manner, that is, first of all, the system security problems are divided into several security topics (functions) as the highest level;Then one of the security topics is divided into several sub functions as the secondary level;Thereafter, a sub function is further divided into several sub functions;The lowest layer is a set of minimum optional safety functions, which can not be further decomposed.In this way, multiple levels of security functions are used to cover all aspects of system security.
(4) Moderation.At present, almost all enterprises and public institutions follow the principle of moderate safety when implementing system safety engineering, that is, provide appropriate safety goals to achieve according to actual needs.This is because: on the one hand, due to the multifaceted and dynamic nature of system security, it is difficult to achieve comprehensive coverage of security issues;On the other hand, even if there is such a possibility, the high resources and costs required are unacceptable.This is the moderation of system security.
System level integration
Announce
edit
The process of conducting comprehensive and systematic analysis and test on the function or responsibility chain of a project, a product, or software after its formation.In the production process of a product, the general method is to divide the product functions at the module level, and the corresponding module level synthesis is to test the functions actually completed after each module is completed, so as to meet the expected requirements.When all modules are completed, assemble them.The corresponding is system synthesis.It is a testing method, which allows preliminarily formed products to run in various predictable artificial environments in order to get possible problems so as to improve products.
To complete the system level synthesis is a very complex process, first of all, you need to have a deep understanding of the various possible situations and environments that the product will face.And we should have a deep understanding of the functions that our products need to complete.
When the product is initially shaped, we should know the coupling relationship between modules and the "closeness" between modules in order to predict the impact of a damaged module on other functional modules.The second is to test the functions that the product can complete one by one to find out the functional vulnerabilities and errors that the product does not achieve or realize.Finally, it is necessary to test the performance of the product under the possible limit state, commonly known as the limit condition test.It enables us to know the resistance and tolerance of this product to harsh conditions.
System level chip
Announce
edit
System on a chip, also known as system on a chip,MeaningIt is a product with special goalsIntegrated circuit, which includes the complete system and all contents of embedded software.At the same time, it is also atechnologyTo realize the whole process from determining the system function to software/hardware division and completing the design.
In a narrow sense, it isinformation systemCorechipIntegration is the integration of key components of the systemchipUpper;In a broad sense, SoC is a microminiature systema central processor(CPU)It is the brain, so SoC is the system including the brain, heart, eyes and hands.Academics at home and abroad generally tend to define SoC as the integration of microprocessor, analog IP core, digital IP core and memory (or off chip memory control interface) on a single chip, which is usuallyCustomer customizationOr standard products for specific purposes.
The basic content of SoC definition is mainly reflected in two aspects: its composition and its formation process.The system level chip can be composed of system level chip control logic module, microprocessor/microcontroller CPU core module, digital signal processor DSP module, embedded memory module, interface module for external communication, analog front-end module with ADC/DAC, power supply and power consumption management module. For a wireless SoC, there are RF front-end moduleUser defined logic (it can be implemented by FPGA or ASIC) and micro electromechanical modules, and more importantly, a SoC chip is embedded with basic software (RDOS or COS and othersApplication software)Modules or loadable user software, etc.The formation or generation process of system level chips includes the following three aspects:
Software and hardware based on monolithic integrated systemCollaborative designAnd verification;
Reuse the logical area technology to effectively increase the proportion of production capacity, that is, develop and research IP core generation and reusetechnology, especially the repeated application embedded in the large capacity storage module;
Design theory and technology of ultra deep submicron (UDSM) and nano integrated circuits.
