1KHL015623R0002 TCP network

(1) Microkernel technology

In microkernel operating systems, the kernel includes some basic kernel functions (such as creating and deleting tasks, task scheduling, memory management, and interrupt handling, etc.), while some operating system abstractions and critical services (such as file systems, network protocol stacks, etc.) run in user space. This greatly reduces the size of the kernel, while also greatly facilitating the upgrade, maintenance, and porting of the entire system. The system provides services to applications by calling services up from the core to the user layer. Due to the existence of services at the user layer, users can obtain different behaviors by modifying services, which is also known as user layer extension technology. Due to the fact that all applications require the use of APIs or system calls provided by the operating system to complete memory management, process management, I/O, device management, etc., by monitoring and intercepting system calls from a process in user space, and then inserting extension code into system calls, Linux operating system functionality can be extended.

Compared to kernel space feature extensions, user space extensions have stronger security and are more transparent to the Linux operating system and applications. The disadvantage of user layer extension technology is that elevating services to the user layer increases the number of switches and self traps between kernel and user states during program execution, leading to an increase in system load and a decrease in system performance. In addition, microkernels are completely different in structure from traditional embedded Linux kernels. In embedded Linux, if this technology is adopted to increase the dynamic scalability performance of the system, it is necessary to redesign the kernel structure.

1KHL015623R0002 TCP network

(2) Scalable kernel technology

Scalable kernel technology allows user applications to inject code into the kernel to extend its functionality. Due to the fact that the implanted code runs in a kernel state, it avoids the problem of system performance degradation in microkernel technology. The implanted code runs in a kernel state and requires a real-time inspection mechanism to verify its security, ensuring that the implanted code does not cause system crashes. Cheng Buqi et al. [1] used software fault isolation technology to achieve fault isolation of expansion modules, ensuring that the system is not damaged by expansion modules. Bershad et al. [3] also used software fault isolation techniques to limit the range of memory addresses that implanted code can access. Code security checks undoubtedly increase the burden on the system, and the root cause of the problem is that the implanted extensibility code is untrustworthy to the core. To reduce the burden on the system, it is necessary to assume that the implanted code is safe and trustworthy.

Contact information:+86 15359213550

1. A-B Rockwell
2. FOXBORO
3. TRNEX
4. OVATION Westinghouse
5. SCHNEIDER
6. GE FANUC Fanuc
7. SIEMENS
8. REXROTH INDRAMA
9. ABB
10. HONEYWELL
11. BENTLY NEVADA
12. YOKOGAWA Yokogawa
13. ICS TRIPLEX
14. BACHMANN
15. Emerson
16. EPRO
17. HIMA Black Horse and other imported industrial components!

Related models：