中文摘要：

当前可信计算平台缺乏对自身运行时安全属性的监控,对此,提出一种针对嵌入式可信平台的运行时监控方法。通过自动化的代码插入和运行时实时监控,保证可信平台的运行时安全功能符合设计规范,并保证系统性能和运行状态符合特定条件约束,同时对相应的异常进行实时处理。实验结果表明,随着监控节点数的增长,监控的准确性和实时性提高,而监控开销和异常处理开销处于合理范围。

英文摘要：

The state-of-art trusted computing platforms fall short of monitoring its own runtime security properties. In order to mitigate these problems, an approach on runtime monitoring for the embedded trusted platforms was proposed. With the automated code instrumentation and the runtime monitoring, that the runtime security functionalities were consistent with the design specifications of trusted computing platforms could be made sure. The system performance and states meet specific constraints could also be ensured. The runtime exceptions on the specific properties were handled in real-time. The experimental results show that with the increase on the number of monitoring nodes, the precision and real-time performance of proposed runtime monitoring increase. Meanwhile, the costs on the monitoring and the exception handling are moderate.