Design of dominant-type control systems with large parameter variations†

This paper presents a design procedure for dominant-type systems with large plant parameter variations. The principal contribution is that a fourth-order approximation is used in the dominant region instead of a third-order, which up to now had been the most advanced method. The s-domain specifications of the system are assumed to be in the form of an acceptable dominant closed-loop pole region with bounds on the location of the ‘far-off’ closed-loop poles. The design philosophy is to place compensation zeros within the acceptable dominant closed-loop pole region such that the dominant closed-loop poles remain within their prescribed region despite the large variation in the plant parameters. The design procedure is for plants with simultaneous independent variation in the gain factor and a pair of poles. The design is such as to minimize the sensitivity of the system to internal noise.     

Event-based privacy-preserving security consensus of multi-agent systems with encryption–decryption mechanism

The article concentrates on exploring the issue of privacy-preserving sliding mode consensus of multi-agent systems (MASs) with disturbance. An encryption and decryption algorithm has been proposed to address data security and privacy issues during data transmission. To optimize network resource allocation, a dynamic event-triggering mechanism has been introduced, which reduces the number of encrypted data while saving the computation cost. The consensus performance based on the sliding mode control strategy is achieved when the reachability of the slide-mode surface is guaranteed, and then the slide-mode controller is developed. Finally, an empirical demonstration through a numerical example validates the efficacy of the proposed strategy.     

Adaptive control of linear multivariable systems with high frequency gain matrix hurwitz

A new adaptive control scheme is proposed for multivariable model reference adaptive control （MRAC） systems based on the nonlinear backstepplng approach with vector form. The assumption on a priori knowledge of the high frequency gain matrix in existing results is relaxed and the new required condition for the high frequency gain matrix can be easily checked for certain plants so that the proposed method is widely applicable. This control scheme guarantees the global stability of the closed-loop systems and the tracking error can be arbitrary small. The simulation result for an application example shows the validity of the proposed nonlinear adaptive scheme.     

Design of bilinear observer for singular bilinear systems

In this paper, by analyzing the worm’s propagation model, we propose a new worm warning system based on the method of system identification, and use recursive least squares algorithm to estimate the worm’s infection rate. The simulation result shows the method we adopted is an efficient way to conduct Internet worm warning.     

Design of switched controllers for discrete singular bilinear systems

In this paper, switched controllers are designed for a class of nonlinear discrete singular systems and a class of discrete singular bilinear systems. An invariant principle is presented for such switched nonlinear singular systems.The invariant principle and the switched controllers are used to globally stabilize a class of singular bilinear systems that are not open-loop stable.     

Design of robust H ∞ filters for a class of uncertain nonlinear neutral stochastic systems with time delays

This article investigates the problem of robust H _∞ filtering for a class of nonlinear neutral stochastic time-delay systems with norm-bounded parameter uncertainties. The nonlinearities are assumed to satisfy the global Lipschitz conditions. By solving a set of certain linear matrix inequalities, an H _∞ filter is designed, which ensures both the robust stochastic stability and a prescribed H _∞ performance of the filtering error system for all admissible uncertainties. A numerical example is given to show the effectiveness of the design method proposed in this article.     

Design of polynomial fuzzy observer–controller for nonlinear systems with state delay: sum of squares approach

This paper investigates the problem of observer-based control for two classes of polynomial fuzzy systems with time-varying delay. The first class concerns a special case where the polynomial matrices do not depend on the estimated state variables. The second one is the general case where the polynomial matrices could depend on unmeasurable system states that will be estimated. For the last case, two design procedures are proposed. The first one gives the polynomial fuzzy controller and observer gains in two steps. In the second procedure, the designed gains are obtained using a single-step approach to overcome the drawback of a two-step procedure. The obtained conditions are presented in terms of sum of squares (SOS) which can be solved via the SOSTOOLS and a semi-definite program solver. Illustrative examples show the validity and applicability of the proposed results.     

Design of fuzzy sliding mode controller for SISO discrete-time systems

According to a class of nonlinear SISO discrete systems, the fuzzy sliding mode control problem is considered. Based on Takagi-Sugeno fuzzy model method, a fuzzy model is designed to describe the local dynamic performance of the given nonlinear systems. By using the sliding mode control approach, the global controller is constructed by integrating all the local state controllers and the global supervisory sliding mode controller. The tracking problem can be easily dealt with by taking advantage of the combined controller, and the robustness performance is improved finally. A simulation example is given to show the effectiveness and feasibility of the method proposed.     

基于操作系统安全的恶意代码防御研究述评

总结了安全操作系统实现恶意代码防御的典型理论模型,分析了它们的基本思想、实现方法和不足之处,指出提高访问控制类模型的恶意代码全面防御能力和安全保证级别、从操作系统安全体系结构的高度构建宏病毒防御机制以及应用可信计算技术建立操作系统的恶意代码免疫机制将是该领域的研究方向.     

隐蔽通道信息流的研究

本文在分析以往信息流理论的基础上,采用了一种和操作系统源代码编写相同的思路,完全按照系统设计时的结构化思路分析隐蔽通道。和以往的信息流分析理论相比,该方法能充分利用软件自身的结构化特征,使得信息流分析可以借鉴源代码开发的思路,大大的降低了隐蔽通道分析的难度,增加了源代码分析的可行性。     

Quantitative analysis of hardware support for real-time operating systems

Microprocessor architects, supported by advances in VLSI technology, have been enormously successful at steadily accelerating the performance of application software. However, operating system performance has lagged due to a divergence between operating system and architectural trends. Unfortunately, some recent work in this area has targeted average-case performance improvements with little or no consideration for the worst-case behavior that must be considered for real-time applications. This paper explores whether one can improve the worst-case performance of operating systems, and as a result, the schedulability of real-time task-sets, using specific hardware-assisted operating system primitives without sacrificing flexibility. The Intel 80960XA Microprocessor, which directly supports basic operating system primitives in hardware, provides an excellent platform to explore operating system hardware and software boundary issues. This paper specifically analyzes the viability of an hardware-assisted fixed-priority scheduler. Using the Real-Time Mach operating system, we did two ports to the 80960XA: one representative of generic RISC implementations, and another which exploited the hardware-supported operating system primitives. We measured the performance of the operating system primitives in both cases and found an average performance improvement factor of 3 for the hardware accelerated version. We applied a formal scheduling model to evaluate the relative performance of the two implementations for two representative real-time applications. The hardware accelerated version reduced operating system burden by factors of 2.66 and 4.1 for the avionics and inertial navigational system task sets, respectively.     

易用的操作系统安全模型的设计和实现

提出并实现了一种应用于PC操作系统的安全模型USPM,在保证足够安全性同时具有兼容性好、无需专门配置即可使用的特点。模型使系统能够在被黑客攻击成功的情况下保证机密文件不丢失、关键文件完整性不被破坏。USPM模型通过限制那些与远程系统进行数据交换的进程的活动来保证系统的安全性,同时通过设置一些例外规则部分的允许特定进程的访问活动来提高系统的易用性,达到在安全性和易用性间的平衡。测试表明,USPM具有较好的安全性,较低的开销和很好的易用性、兼容性。     

Isabelle在分析安全操作系统状态机模型中的应用

为了解决已有的状态机模型的形式化框架在分析安全操作系统状态机模型时不够直观、简洁的问题,提出了一套使用Isabelle工具对安全操作系统模型状态中的类型、变量、常量、关系、映射、函数,以及模型中的安全不变量和状态迁移规则进行形式化描述的新方法.通过实际验证一种典型的安全操作系统状态机模型--可信进程模型,总结出了有效地使用Isabelle辅助形式化设计、分析、验证模型的策略.     

高安全等级安全操作系统的隐蔽通道分析

总结隐蔽通道分析的30年研究进展,根据理论研究与工程实践,说明隐蔽通道及其分析的本质与内涵,指出隐蔽通道分析方法在实际系统中的重要应用,并展望这一领域的若干热点研究方向.     

基于LSM的动态多策略研究与实现

安全需求多样化对操作系统提出支持大量广泛的安全策略灵活性要求.这些灵活性需要支持控制访问权限的转移,执行细粒度的访问控制和撤消之前许可的访问权限.传统操作系统把对安全策略的支持分散到系统相关功能模块中,难以满足这种需求.通过对操作系统中策略相关功能部件的研究,介绍并分析了一种基于通用访问控制框架LSM的动态多策略安全体系结构,阐述了如何把主流Flask体系结构和LSM合理有效的结合以及在Linux上的实现.     

A topology for secure MVS systems

Ultimate protection of computers against programming users appears unachievable. True security seems within reach only within systems without programming users. However, programming has to be done within each computing centre. To meet these conflicting ends, this paper proposes a means of isolating any enterprise's vital data from abuse by fully mutually isolating systems at three security levels from one another.The approach proposed is already partly implemented in major computing centres, though with an effectiveness far from that required. Specifically, it is shown that shared DASD degrades the overall security level to that of the least secure system connected. A higher degree of security, as this paper suggests, is reachable in current systems by defining and implementing a three-level (minimal) topology as part of an overall security strategy.     

构件化动态可扩展操作系统的内核安全模型

灵活内核技术把构件技术充分地融入到了操作系统体系结构的设计中,在兼顾了性能和灵活性的同时也引入了安全问题.对灵活内核带来的安全问题进行了分析,讨论了几种现有的解决内核安全问题的技术,综合几种现有技术设计了一种基于页表机制和构件技术的内核安全模型,介绍了其在Intel x86处理器上的原型实现要点,最后对该模型进行了分析,说明其解决了所提出的安全问题.     

Nutos系统多策略安全模型设计与实现

传统的MLS策略侧重于信息机密性保护,却很少考虑完整性,也无法有效实施信道控制策略,在解决不同安全级别信息流动问题时采用的可信主体也存在安全隐患。为了在同一系统中满足多样性的安全需求,给出混合多策略模型——MPVSM模型,有机组合了BLP、Biba、DTE、RBAC等安全模型的属性和功能,消除了MLS模型的缺陷,提高了信道控制能力和权限分配的灵活度,对可信主体的权限也进行了有力的控制和约束。给出MPVSM模型的形式化描述以及在原型可信操作系统Nutos中的实现,并给出了策略配置实例。