Download - Academy Publisher
Download - Academy Publisher
Download - Academy Publisher
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
ISBN 978-952-5726-09-1 (Print)<br />
Proceedings of the Second International Symposium on Networking and Network Security (ISNNS ’10)<br />
Jinggangshan, P. R. China, 2-4, April. 2010, pp. 234-237<br />
Research of System-Switch Mechanism Based on<br />
sCPU-dBUS Architecture<br />
Fengjing Shao, Xiaoning Song, and Rencheng Sun<br />
College of Information Engineering<br />
QingDao University, QDU<br />
Qingdao, China<br />
sfj@qdu.edu.cn, helensongmail@163.com, qdsunstar@163.com<br />
Abstract—sCPU-dBUS architecture is a solution for the<br />
problem of network security from the angle of changing the<br />
computer’s architecture. In order to manage the resources<br />
on this architecture efficiently, we adopt the operating<br />
system with double-subsystems. In this thesis, as an<br />
important part of the operating system for the sCPU-dBUS<br />
architecture, a system-switch mechanism is designed.<br />
Firstly, the kernel bus-switch mechanism is designed.<br />
Secondly, the system-switch flows of each stage during the<br />
OS’s starting and running are designed.<br />
between two subsystems, there should be a good<br />
system-switch mechanism<br />
[4] . In this article, a<br />
system-switch mechanism is designed.<br />
Index Terms—sCPU-dBUS, double-subsystem,<br />
system-switch, clock interrupt<br />
I. INTRODUCTION<br />
As the problem of network security is becoming more<br />
and more serious, the solutions aren’t confined to the<br />
existing ways any more, such as virus scanning<br />
technology, firewall technology and IDS. Many experts<br />
hope to solve network security problem from a new<br />
angle. The single-cpu and dual-bus secure computer<br />
architecture (sCPU-dBUS) is a solution from the angle of<br />
improving computer architecture. The architecture of<br />
sCPU-dBUS is shown in Figure1 [1] .<br />
sCPU-dBUS secure computer architecture contains<br />
one CPU and two independent fast system sub-buses<br />
which are called local bus and network bus. The CPU is<br />
connected to the shared bus, and also can be connected<br />
with local bus or network bus through controlling the bus<br />
bridge [2, 3] . The bridge makes sure that only one bus can<br />
be connected with the CPU at any time. Network bus and<br />
all the devices which are connected to the network bus<br />
consist of network sub-area, while local bus and all the<br />
devices which are connected to the local bus consist of<br />
local sub-area. In the sCPU-dBUS secure computer<br />
architecture, all network devices are connected to the<br />
network bus. When network intrusions happen, the<br />
destructions will be limited to the network sub-area as<br />
the bridge is not connected to the local bus. User’s<br />
important data are stored in the local-area, so it can avoid<br />
being destroyed. As the sCPU-dBUS secure architecture<br />
has one CPU and two sub-areas, there should be a<br />
befitting operating system to support this architecture. In<br />
order to enhance the security of the system, the operating<br />
system is designed containing two sub-kernels: the local<br />
sub-kernel and the network sub-kernel. The two<br />
sub-kernels run in two sub-areas, and they are<br />
coordinating relationship rather than subordinate<br />
relationship. In order to implement communication<br />
© 2010 ACADEMY PUBLISHER<br />
AP-PROC-CS-10CN006<br />
234<br />
II.<br />
Figure 1. sCPU-dBUS secure architecture<br />
SYSTEMIC ANALYSIS OF SYSTEM-SWITCH<br />
MECHANISM<br />
System switch is an important part of the<br />
double-kernel operating system. At the booting stage of<br />
operating system, there are two subsystems needing to be<br />
booted, so the system-switch mechanism is needed. And<br />
when the operating system is running after it is started,<br />
there still exist two situations that need system-switch<br />
mechanism to realize system-switch. Firstly, when the<br />
user wants to do some operations in the other subsystem,<br />
system-switch occurs and this situation is called<br />
user-control switch. Secondly, when some data are<br />
needed to be transferred to the other subsystem,<br />
system-switch occurs and this one is called data-transfer<br />
switch. In this situation, system should be switched<br />
automatically until the data transfer is done.<br />
In order to make one sub-system continue running<br />
from the breakpoint after CPU is given back from the<br />
other sub-system, two aspects should be conserved. The<br />
first is all of process contexts and the second is address<br />
of the next instruction. So two blocks of spaces should be<br />
open up to store the information, and the spaces should<br />
be on the instruction cache which is mounted on the<br />
shared bus for the sake that both of two sub-systems can<br />
visit. The two blocks of spaces are shown as follows: