V.3.1 Levels of flow identification and validation, p.113
VI.2.1 Usage context, p.131
VI.3.1 Capturing the upstream flows of redundant applications for their validation, p.135
VI.3.1.1 Implementing diversification through virtualisation, Java, p.139
VI.3.2.1 Managing the interaction with the operator, p.140
1 Description of a non-safe virtual machine, p.142
VI.4.1.2 Description of a safe virtual machine, p.142
VI.4.1 Intercepting Java Swing calls, p.144
we added a delay to wait for the instantiation phase to finish, in order to avoid synchronisation problems at startup:
try { Thread.sleep(15000); } catch (InterruptedException e) { }  // wait 15 s for instantiation to complete
have not been modified, the application works correctly and processes the message:
public void TraiterMessage (Message mess){ if(mess.natureMessage.equals NouveauFrame(mess)
On its instantiation, as with the frame, a message is sent to the safe machine carrying the button instruction. The safe machine executes this message as follows:
that is, when the operator clicks the "fictitious" button on the safe machine. This click must be forwarded to the virtual machines. We assume here that an action is associated with each button, which at first sight seems obvious. We therefore create a button