------------------------------------------------------------------------------ ------------------------------------------------------------------------------ -- Cheddar is a GNU GPL real-time scheduling analysis tool. -- This program provides services to automatically check schedulability and -- other performance criteria of real-time architecture models. -- -- Copyright (C) 2002-2016, Frank Singhoff, Alain Plantec, Jerome Legrand -- -- The Cheddar project was started in 2002 by -- Frank Singhoff, Lab-STICC UMR 6285 laboratory, Université de Bretagne Occidentale -- -- Cheddar has been published in the "Agence de Protection des Programmes/France" in 2008. -- Since 2008, Ellidiss technologies also contributes to the development of -- Cheddar and provides industrial support. -- -- The full list of contributors and sponsors can be found in AUTHORS.txt and SPONSORS.txt -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by -- the Free Software Foundation; either version 2 of the License, or -- (at your option) any later version. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -- -- -- Contact : cheddar@listes.univ-brest.fr -- ------------------------------------------------------------------------------ -- Last update : -- $Rev: 3561 $ -- $Date: 2020-11-02 08:25:02 +0100 (Mon, 02 Nov 2020) $ -- $Author: singhoff $ ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ with Ada.Numerics.Elementary_Functions; use Ada.Numerics.Elementary_Functions; with Ada.Strings; use Ada.Strings; with Ada.Strings.Fixed; use Ada.Strings.Fixed; with Ada.Numerics.Float_Random; use Ada.Numerics.Float_Random ; with unbounded_strings; use unbounded_strings; with Ada.Strings.Unbounded; use Ada.Strings.Unbounded; with Ada.Strings.Unbounded; use Ada.Strings.Unbounded; with unbounded_strings; use unbounded_strings; with Ada.Strings; use Ada.Strings; with Ada.Text_IO.Unbounded_IO; use Ada.Text_IO.Unbounded_IO; with Ada.Directories; use Ada.Directories; with Ada.Strings.Unbounded; use Ada.Strings.Unbounded; with Unbounded_Strings; use Unbounded_Strings; with convert_unbounded_strings; use unbounded_strings.unbounded_string_list_package; use unbounded_strings.strings_table_package; with Ada.Strings; use Ada.Strings; with Ada.Text_IO.Unbounded_IO; use Ada.Text_IO.Unbounded_IO; with Ada.text_IO; use Ada.text_IO; with Ada.Integer_text_IO; use Ada.Integer_text_IO; with Ada.Float_Text_IO; use Ada.Float_Text_IO; with Dependencies; use Dependencies; with Task_Dependencies; use Task_Dependencies; with Task_Dependencies; use Task_Dependencies.Half_Dep_Set; with Message_Set ; use Message_Set; with Messages; use Messages; with Tasks; use Tasks; with Task_Set; use Task_Set; with Resources; use Resources; with Resource_Set; use Resource_Set; with Objects; use Objects; with convert_unbounded_strings; use unbounded_strings.unbounded_string_list_package; with Scheduler_Interface; use Scheduler_Interface; with Address_Spaces; use Address_Spaces; with Address_Space_Set; use Address_Space_Set; with Call_Framework; use Call_Framework; with Call_Framework_Interface; use Call_Framework_Interface; use Call_Framework_Interface.Framework_Response_Package; use Call_Framework_Interface.Framework_Request_Package; with Call_Scheduling_Framework; use Call_Scheduling_Framework; with Pipe_Commands; use Pipe_Commands; with Ada.Text_IO; use Ada.Text_IO; with Ada.Text_IO.Unbounded_IO; use Ada.Text_IO.Unbounded_IO; with Ada.Directories; use Ada.Directories; with GNAT.OS_Lib; use GNAT.OS_Lib; with Debug; use Debug; with Random_Tools; use Random_Tools; use unbounded_strings.strings_table_package; with architecture_factory; use architecture_factory; with Ada.Integer_text_IO; use Ada.Integer_text_IO; with Ada.Float_Text_IO; use Ada.Float_Text_IO; with Systems; use Systems; with Processors; use Processors; with Processor_Set; use Processor_Set; with processor_interface; use processor_interface; use Processor_Set.Generic_Processor_Set; with Core_Units; use Core_Units; use Core_Units.Core_Units_Table_Package; with natural_util; use natural_util; with feasibility_test.feasibility_interval; use feasibility_test.feasibility_interval; with integer_util; use integer_util; use Resources.Resource_Accesses; with float_util; use float_util; with Ada.Characters.Latin_1; use Ada.Characters; with Ada.Text_IO; use Ada.Text_IO; with GNAT.String_Split; use GNAT; with MILS_Security; use MILS_Security; with Random_Tools; use Random_Tools; with Memories; use Memories; with Chromosome_Data_Manipulation_mils; use Chromosome_Data_Manipulation_mils; package body security_implementation is ------------------- -- security configuration 1 -- ------------------- Procedure security_configuration1 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j, finish : Integer; A_task_name : Unbounded_String; A_task_source : Generic_Task_Ptr; A_task_sink : Generic_Task_Ptr; begin -- Dependencies j:=1; -- y:= genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then y := y+1; Put_Debug("Downgrader (Encrypter & Decrypter): "&y'img&" is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; nb_bell_resolved:=nb_bell_resolved+1; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then y := y+1; Put_Debug("Upgrader : "&y'img&" is added"); A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; nb_biba_resolved:=nb_biba_resolved+1; end if; end if; j:=j+1; end loop; end security_configuration1; ------------------- -- security configuration 2 -- ------------------- Procedure security_configuration2 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j, finish: Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode /= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication Put_Debug("Downgrader (Encrypter & Decrypter) is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); nb_bell_resolved:=nb_bell_resolved+1; elsif (A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; elsif(dep_bell_solved=True)and (A_task_source.address_space_name/=A_task_sink.address_space_name) then nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name/=A_task_sink.address_space_name) then A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; elsif (A_task_source.address_space_name=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")) , Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration2; ------------------- -- security configuration 3 -- ------------------- Procedure security_configuration3 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,i, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_DW : Generic_Task_Ptr; A_task_sink : Generic_Task_Ptr; A_task_UP: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security(j).confidentiality_capacity:=0; multiplexe_security(j).integrity_capacity:=0; end loop; j:=1; while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode /= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication Put_Debug("Downgrader (Encrypter & Decrypter) is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); nb_bell_resolved:=nb_bell_resolved+1; elsif (A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).confidentiality_capacity=0) then multiplexe_security(i).tsk_confidentiality:=y; multiplexe_security(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), core_name => Suppress_Space (To_Unbounded_String("")), Address_Space_Name => A_task_source.address_space_name, Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security(i).confidentiality_capacity:=multiplexe_security(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security(i).tsk_confidentiality'img))) ; A_task_DW.capacity:= multiplexe_security(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; elsif(dep_bell_solved=True)and (A_task_source.address_space_name/=A_task_sink.address_space_name) then nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name/=A_task_sink.address_space_name) then A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; elsif (A_task_source.address_space_name=A_task_sink.address_space_name) then y:=y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).integrity_capacity=0) then multiplexe_security(i).tsk_integrity:=y; multiplexe_security(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); else multiplexe_security(i).integrity_capacity:=multiplexe_security(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security(i).tsk_integrity'img))) ; A_task_UP.capacity := multiplexe_security(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration3; ------------------- -- security configuration 4 -- ------------------- Procedure security_configuration4 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j, finish: Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication Put_Debug("Downgrader (Encrypter & Decrypter) is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); nb_bell_resolved:=nb_bell_resolved+1; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; elsif(dep_bell_solved=True)and (A_task_source.address_space_name=A_task_sink.address_space_name) then nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration4; ------------------- -- security configuration 5 -- ------------------- Procedure security_configuration5 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j, finish : Integer; dep_bell_solved: Boolean; --inter, intra A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration5; ------------------- -- security configuration 6 -- ------------------- Procedure security_configuration6 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,i, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP, A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security(j).confidentiality_capacity:=0; multiplexe_security(j).integrity_capacity:=0; end loop; j:=1; while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); elsif (A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).confidentiality_capacity=0) then multiplexe_security(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; multiplexe_security(i).tsk_confidentiality:=y; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security(i).confidentiality_capacity:=multiplexe_security(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security(i).tsk_confidentiality'img))) ; A_task_DW.capacity:= multiplexe_security(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name/=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); elsif (A_task_source.address_space_name=A_task_sink.address_space_name) then y:=y+1; i:=i+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).integrity_capacity=0) then multiplexe_security(i).tsk_integrity:=y; multiplexe_security(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); else multiplexe_security(i).integrity_capacity:=multiplexe_security(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security(i).tsk_integrity'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration6; ------------------- -- security configuration 7 -- ------------------- Procedure security_configuration7 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,i, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_DW : Generic_Task_Ptr; A_task_sink : Generic_Task_Ptr; A_task_UP: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security(j).confidentiality_capacity:=0; multiplexe_security(j).integrity_capacity:=0; end loop; j:=1; while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication Put_Debug("Downgrader (Encrypter & Decrypter) is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); nb_bell_resolved:=nb_bell_resolved+1; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).confidentiality_capacity=0) then multiplexe_security(i).tsk_confidentiality:=y; multiplexe_security(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security(i).confidentiality_capacity:=multiplexe_security(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security(i).tsk_confidentiality'img))) ; A_task_DW.capacity:=multiplexe_security(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; elsif(dep_bell_solved=True)and (A_task_source.address_space_name=A_task_sink.address_space_name) then nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then y:=y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).integrity_capacity=0) then multiplexe_security(i).tsk_integrity:=y; multiplexe_security(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else multiplexe_security(i).integrity_capacity:=multiplexe_security(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security(i).tsk_integrity'img))) ; A_task_UP.capacity:=multiplexe_security(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration7; ------------------- -- security configuration 8 -- ------------------- Procedure security_configuration8 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,i, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; A_task_UP: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security(j).confidentiality_capacity:=0; multiplexe_security(j).integrity_capacity:=0; end loop; j:=1; while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).confidentiality_capacity=0) then multiplexe_security(i).tsk_confidentiality:=y; multiplexe_security(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security(i).confidentiality_capacity:=multiplexe_security(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security(i).tsk_confidentiality'img))) ; A_task_DW.capacity:= multiplexe_security(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then y:=y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).integrity_capacity=0) then multiplexe_security(i).tsk_integrity:=y; multiplexe_security(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); else multiplexe_security(i).integrity_capacity:=multiplexe_security(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security(i).tsk_integrity'img))) ; A_task_UP.capacity:=multiplexe_security(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration8; ------------------- -- security configuration 9 -- ------------------- Procedure security_configuration9 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,i, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_DW : Generic_Task_Ptr; A_task_sink : Generic_Task_Ptr; A_task_UP: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security_inter: security_partition; multiplexe_security_intra: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security_inter(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security_inter(j).confidentiality_capacity:=0; multiplexe_security_inter(j).integrity_capacity:=0; multiplexe_security_intra(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security_intra(j).confidentiality_capacity:=0; multiplexe_security_intra(j).integrity_capacity:=0; end loop; j:=1; while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security_intra(i).confidentiality_capacity=0) then multiplexe_security_intra(i).tsk_confidentiality:=y; multiplexe_security_intra(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security_intra(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security_intra(i).confidentiality_capacity:=multiplexe_security_intra(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security_intra(i).tsk_confidentiality'img))) ; A_task_DW.capacity:= multiplexe_security_intra(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security_inter(i).confidentiality_capacity=0) then multiplexe_security_inter(i).tsk_confidentiality:=y; multiplexe_security_inter(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security_inter(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security_inter(i).confidentiality_capacity:=multiplexe_security_inter(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security_inter(i).tsk_confidentiality'img))) ; A_task_DW.capacity:=multiplexe_security_inter(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then y:=y+1; i:=i+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security_intra(i).integrity_capacity=0) then multiplexe_security_intra(i).tsk_integrity:=y; multiplexe_security_intra(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security_intra(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security_intra(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else multiplexe_security_intra(i).integrity_capacity:=multiplexe_security_intra(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security_intra(i).tsk_integrity'img))) ; A_task_UP.capacity:=multiplexe_security_intra(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security_inter(i).integrity_capacity=0) then y:=y+1; multiplexe_security_inter(i).tsk_integrity:=y; multiplexe_security_inter(i).integrity_capacity:=multiplexe_security_inter(i).integrity_capacity+2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security_inter(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => Suppress_Space (To_Unbounded_String("")), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security_inter(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else multiplexe_security_inter(i).integrity_capacity:=multiplexe_security_inter(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security_inter(i).tsk_integrity'img))) ; A_task_UP.capacity:=multiplexe_security_inter(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration9; ------------------- -- security configuration 10 -- ------------------- Procedure security_configuration10 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,k, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); -- add the extra partition k:=Number_of_partitions(s)+1; Add_Address_Space (My_Address_Spaces => A_sys.address_spaces, Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), Cpu_Name => To_unbounded_string("processor1"), Text_Memory_Size => 0, Stack_Memory_Size => 0, Data_Memory_Size => 0, Heap_Memory_Size => 0, A_Scheduler => POSIX_1003_HIGHEST_PRIORITY_FIRST_PROTOCOL); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication Put_Debug("Downgrader (Encrypter & Decrypter) is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); nb_bell_resolved:=nb_bell_resolved+1; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => To_unbounded_string("processor1") , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => To_unbounded_string("processor1") , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => To_unbounded_string("processor1") , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => To_unbounded_string("processor1") , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; elsif(dep_bell_solved=True)and (A_task_source.address_space_name=A_task_sink.address_space_name) then nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => To_unbounded_string("processor1") , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => To_unbounded_string("processor1") , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration10; ------------------- -- security configuration 11 -- ------------------- Procedure security_configuration11 (A_sys : in out System; s : in solution) is addr_source ,addr_sink : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,k, finish : Integer; dep_bell_solved: Boolean; --inter, intra A_task_name, a_cpu_source_name, a_cpu_sink_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); -- add the extra partition k:=Number_of_partitions(s)+1; Add_Address_Space (My_Address_Spaces => A_sys.address_spaces, Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), Cpu_Name => To_unbounded_string("processor1"), Text_Memory_Size => 0, Stack_Memory_Size => 0, Data_Memory_Size => 0, Heap_Memory_Size => 0, A_Scheduler => POSIX_1003_HIGHEST_PRIORITY_FIRST_PROTOCOL); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then addr_source:=A_task_source.address_space_name; addr_sink:= A_task_sink.address_space_name; a_cpu_source_name:=A_task_source.cpu_name; a_cpu_sink_name:=A_task_sink.cpu_name; elsif(A_task_source.address_space_name/=A_task_sink.address_space_name)then addr_source:=Suppress_Space (To_Unbounded_String ("addr" & k'Img)); addr_sink:= Suppress_Space (To_Unbounded_String ("addr" & k'Img)); a_cpu_source_name:=To_unbounded_string("processor1"); a_cpu_sink_name:=To_unbounded_string("processor1"); end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => addr_source, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => addr_sink, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => addr_source, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => addr_sink, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => addr_source, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => addr_sink, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration11; ------------------- -- security configuration 12 -- ------------------- Procedure security_configuration12 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,k,i, finish : Integer; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP,A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security(j).confidentiality_capacity:=0; multiplexe_security(j).integrity_capacity:=0; end loop; j:=1; -- add the extra partition k:=Number_of_partitions(s)+1; Add_Address_Space (My_Address_Spaces => A_sys.address_spaces, Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), Cpu_Name => To_unbounded_string("processor1"), Text_Memory_Size => 0, Stack_Memory_Size => 0, Data_Memory_Size => 0, Heap_Memory_Size => 0, A_Scheduler => POSIX_1003_HIGHEST_PRIORITY_FIRST_PROTOCOL); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).confidentiality_capacity=0) then multiplexe_security(i).tsk_confidentiality:=y; multiplexe_security(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security(i).confidentiality_capacity:=multiplexe_security(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security(i).tsk_confidentiality'img))) ; A_task_DW.capacity:= multiplexe_security(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).integrity_capacity=0) then y:=y+1; multiplexe_security(i).tsk_integrity:=y; multiplexe_security(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else multiplexe_security(i).integrity_capacity:=multiplexe_security(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security(i).tsk_integrity'img))) ; A_task_UP.capacity:=multiplexe_security(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration12; ------------------- -- security configuration 13 -- ------------------- Procedure security_configuration13 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,k, finish: Integer; inter_task_confidentiality,inter_task_confidentiality_capacity, inter_task_integrity,inter_task_integrity_capacity : Integer:=0; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_DW : Generic_Task_Ptr; A_task_sink : Generic_Task_Ptr; A_task_UP: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); -- add the extra partition k:=Number_of_partitions(s)+1; Add_Address_Space (My_Address_Spaces => A_sys.address_spaces, Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), Cpu_Name => To_unbounded_string("processor1"), Text_Memory_Size => 0, Stack_Memory_Size => 0, Data_Memory_Size => 0, Heap_Memory_Size => 0, A_Scheduler => POSIX_1003_HIGHEST_PRIORITY_FIRST_PROTOCOL); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication Put_Debug("Downgrader (Encrypter & Decrypter) is added"); A_task_source.capacity:=A_task_source.capacity+capacity_encrypter+Key_capacity_DW; A_task_sink.capacity:= A_task_sink.capacity+capacity_decrypter+Key_capacity_DW; nb_bell_resolved:=nb_bell_resolved+1; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication if (inter_task_confidentiality_capacity=0) then y:=y+1; inter_task_confidentiality:=y; inter_task_confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => inter_task_confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else inter_task_confidentiality_capacity:=inter_task_confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&inter_task_confidentiality'img))) ; A_task_DW.capacity:=inter_task_confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; elsif(dep_bell_solved=True)and (A_task_source.address_space_name=A_task_sink.address_space_name) then nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then A_task_source.capacity:=A_task_source.capacity+capacity_hash; A_task_sink.capacity:= A_task_sink.capacity+capacity_hash; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then if (inter_task_integrity_capacity=0) then y:=y+1; inter_task_integrity:=y; inter_task_integrity_capacity:=2*capacity_hash; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => inter_task_integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else inter_task_integrity_capacity:=inter_task_integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& inter_task_integrity'img))) ; A_task_UP.capacity:=inter_task_integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration13; ------------------- -- security configuration 14 -- ------------------- Procedure security_configuration14 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,k, finish : Integer; inter_task_confidentiality,inter_task_confidentiality_capacity, inter_task_integrity,inter_task_integrity_capacity : Integer:=0; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_Key_source,A_task_DW,A_task_DW_decypt : Generic_Task_Ptr; A_task_sink, A_task_Key_sink : Generic_Task_Ptr; A_task_UP,A_task_UP_source, A_task_UP_sink: Generic_Task_Ptr; begin j:=1; -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); -- add the extra partition k:=Number_of_partitions(s)+1; Add_Address_Space (My_Address_Spaces => A_sys.address_spaces, Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), Cpu_Name => To_unbounded_string("processor1"), Text_Memory_Size => 0, Stack_Memory_Size => 0, Data_Memory_Size => 0, Heap_Memory_Size => 0, A_Scheduler => POSIX_1003_HIGHEST_PRIORITY_FIRST_PROTOCOL); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication y := y+1; Put_Debug("Downgrader (Encrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_encrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); y:=y+1; Put_Debug("New downgrading task (Decrypter): "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_decrypter, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW_decypt:=Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_DW_decypt); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW_decypt, Sink => A_task_sink); y:=y+1; Put_Debug("New key set up task for encrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_source, Sink => A_task_source); y:=y+1; Put_Debug("New key set up task for decrypter: "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => Key_capacity_DW, Period => 100000000, Deadline => 100000000, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_sink.priority'Img)+1, Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_Key_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_Key_sink, Sink => A_task_sink); elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication if (inter_task_confidentiality_capacity=0) then y:=y+1; inter_task_confidentiality:=y; inter_task_confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => inter_task_confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else inter_task_confidentiality_capacity:=inter_task_confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&inter_task_confidentiality'img))) ; A_task_DW.capacity:= inter_task_confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then y := y+1; Put_Debug("Hash at emission : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_source := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_source, Sink => A_task_source); y := y+1; Put_Debug("Hash at reception : "&y'img&" is added"); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => capacity_hash, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP_sink := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP_sink, Sink => A_task_sink); elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then if (inter_task_integrity_capacity=0) then y:=y+1; inter_task_integrity:=y; inter_task_integrity_capacity:=2*capacity_hash; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => inter_task_integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else inter_task_integrity_capacity:=inter_task_integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& inter_task_integrity'img))) ; A_task_UP.capacity:=inter_task_integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration14; ------------------- -- security configuration 15 -- ------------------- Procedure security_configuration15 (A_sys : in out System; s : in solution) is encrypt_addr ,decrypt_addr : Unbounded_String; capacity_encrypter, capacity_decrypter, capacity_hash : natural; y, j,k,i, finish : Integer; inter_task_confidentiality,inter_task_confidentiality_capacity, inter_task_integrity,inter_task_integrity_capacity : Integer:=0; dep_bell_solved: Boolean; A_task_name : Unbounded_String; A_task_source,A_task_DW : Generic_Task_Ptr; A_task_sink : Generic_Task_Ptr; A_task_UP: Generic_Task_Ptr; type security_partition is array (1..nb_partitions) of multiplexe_security_partition; multiplexe_security: security_partition; begin -- y := genes; y:= Integer (Get_Number_Of_Task_From_Processor (A_sys.Tasks,To_Unbounded_String( "processor1"))); for j in 1..nb_partitions loop multiplexe_security(j).addr:= Suppress_Space (To_Unbounded_String ("addr" & j'Img)); multiplexe_security(j).confidentiality_capacity:=0; multiplexe_security(j).integrity_capacity:=0; end loop; j:=1; -- add the extra partition k:=Number_of_partitions(s)+1; Add_Address_Space (My_Address_Spaces => A_sys.address_spaces, Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), Cpu_Name => To_unbounded_string("processor1"), Text_Memory_Size => 0, Stack_Memory_Size => 0, Data_Memory_Size => 0, Heap_Memory_Size => 0, A_Scheduler => POSIX_1003_HIGHEST_PRIORITY_FIRST_PROTOCOL); while (j<= genes_com) loop finish := index(s.chrom_com(j).source_sink,"_"); A_task_source := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,1,finish-1))) ; A_task_sink := Search_Task (A_sys.Tasks, Suppress_Space (Unbounded_Slice(s.chrom_com(j).source_sink,finish+1,Length(s.chrom_com(j).source_sink)))); if (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 19) then capacity_encrypter:= DW_capacity_encrypt; capacity_decrypter:= DW_capacity_decrypt; capacity_hash:= UP_capacity; elsif (Integer'Value (To_String (Suppress_Space (A_task_source.name))) > 19) AND (Integer'Value (To_String (Suppress_Space (A_task_source.name))) <= 26) then capacity_encrypter:= DW_capacity_encrypt2; capacity_decrypter:= DW_capacity_decrypt2; capacity_hash := UP_capacity2; else capacity_encrypter:= DW_capacity_encrypt3; capacity_decrypter:= DW_capacity_decrypt3; capacity_hash := UP_capacity3; end if; if (s.chrom_com(j).mode/= nosecure) then dep_bell_solved:=False; if (A_task_sink.mils_confidentiality_level< A_task_source.mils_confidentiality_level) then if(A_task_source.address_space_name=A_task_sink.address_space_name) then -- consider the intra partition communication finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).confidentiality_capacity=0) then y := y+1; multiplexe_security(i).tsk_confidentiality:=y; multiplexe_security(i).confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_source.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else multiplexe_security(i).confidentiality_capacity:=multiplexe_security(i).confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&multiplexe_security(i).tsk_confidentiality'img))) ; A_task_DW.capacity:=multiplexe_security(i).confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then -- consider the inter partition communication if (inter_task_confidentiality_capacity=0) then y:=y+1; inter_task_confidentiality:=y; inter_task_confidentiality_capacity:=capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => inter_task_confidentiality_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); else inter_task_confidentiality_capacity:=inter_task_confidentiality_capacity+capacity_encrypter+capacity_decrypter+2*Key_capacity_DW; A_task_DW := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&inter_task_confidentiality'img))) ; A_task_DW.capacity:=inter_task_confidentiality_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_DW); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_DW, Sink => A_task_sink); end if; end if; dep_bell_solved:=True; end if; if (A_task_source.mils_integrity_level< A_task_sink.mils_integrity_level)then if(dep_bell_solved=False) then --lors de la résolution du problème d'integrité, on garde la communication -- mais s'il n'y avait pas de problème de confidentialité resolu, il y a donc déjà un lien entre les 2 taches via les DW Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); nb_biba_resolved:=nb_biba_resolved+1; end if; if(A_task_source.address_space_name=A_task_sink.address_space_name) then finish := index(A_task_source.address_space_name,"r"); i := Integer'value(To_String( Suppress_Space (Unbounded_Slice(A_task_source.address_space_name,finish+1,Length(A_task_source.address_space_name))))) ; if (multiplexe_security(i).integrity_capacity=0) then y:=y+1; multiplexe_security(i).tsk_integrity:=y; multiplexe_security(i).integrity_capacity:=2*capacity_hash; Put_Debug("Hash is added for partition" & To_String(multiplexe_security(i).addr)); Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space (To_Unbounded_String("processor1")), Address_Space_Name => A_task_sink.address_space_name, core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => multiplexe_security(i).integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_sink); else multiplexe_security(i).integrity_capacity:=multiplexe_security(i).integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& multiplexe_security(i).tsk_integrity'img))) ; A_task_UP.capacity:=multiplexe_security(i).integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; elsif (A_task_source.address_space_name/=A_task_sink.address_space_name) then if (inter_task_integrity_capacity=0) then y:=y+1; inter_task_integrity:=y; inter_task_integrity_capacity:=2*capacity_hash; Add_Task(My_Tasks => A_sys.Tasks, Name => Suppress_Space (To_Unbounded_String (""&y'img)), Cpu_Name => Suppress_Space ((To_Unbounded_string("processor1"))) , Address_Space_Name => Suppress_Space (To_Unbounded_String ("addr" & k'Img)), core_name => To_unbounded_string(""), Task_Type => Periodic_Type, Start_Time => 0 , Capacity => inter_task_integrity_capacity, Period => A_task_sink.deadline, Deadline => A_task_sink.deadline, Jitter => 0, Blocking_Time => 0, Priority => Integer'Value( A_task_source.priority'Img), Criticality => 0, Policy => Sched_Fifo, mils_task => Downgrader ); A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""&y'img))) ; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); else inter_task_integrity_capacity:=inter_task_integrity_capacity+2*capacity_hash; A_task_UP := Search_Task (A_sys.Tasks, Suppress_Space (To_Unbounded_String (""& inter_task_integrity'img))) ; A_task_UP.capacity:= inter_task_integrity_capacity; Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_source, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_source); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_sink, Sink => A_task_UP); Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.dependencies, Source => A_task_UP, Sink => A_task_sink); end if; end if; end if; else -- add dependencies between tasks Add_One_Task_Dependency_precedence (My_Dependencies => A_sys.Dependencies, Source => A_task_source, Sink => A_task_sink); end if; j:=j+1; end loop; end security_configuration15; end security_implementation;