Industry Innovate

Operating system manages all the hardware resources, software resources and data resources of the computer system. Like the foundation of a building, the operating system is the most basic kernel and cornerstone to ensure the normal operation of computer systems and intelligent terminal systems.

Support Environment and Service Areas

Server operating system; terminals that provide service functions; industrial computers and other special types; embedded operating system customization services.

Product Adaptation delivery

System rejects by default the installation and operation of all unadapted applications; the principle of least privilege; to determine the functional integrity of the application software.

The hacker has the ability and means to remotely control information system operating in other countries or gain access to confidential data. Particularly in the Informatization development of critical livelihood industries, if security and strong safeguards are not carried out, it will inevitably bring opportunities for foreign hacker organizations and hostile forces to attack.The operating system is the central nervous systemfor managing computers and networks,and its importance is self-evident.GryphonOS adopts a security mechanism that integrates the kernel and application in terms of security design and enhances the system's security based on the underlying cryptography algorithm TPM2.0 trusted hardware. It Implements a trusted runtime control mechanism at the system kernel layer to detect the integrity of all applications, while also providing a trusted support interface for applications to call trusted chip to increase their own security. At the system's upper level, tools such as trusted management configuration, network security management, device management, security audit management, vulnerability scanning, and security policy management are provided, providing users with comprehensive security protection from the kernel to the application.

Gryphon OS integrates operating system security technology trusted computing technology, with high security level protection measures, achieving security mechanisms such as identity identification and authentication, fine-grained autonomous access control, mandatory access control, role-based access control, trusted paths, prohibition of object reuse, security auditing, security data protection, and file integrity checks. And implement trustedgrub, trusted boot, trusted process measurement, trusted identity authentication, transparent file encryption system and other trusted functions based on the cryptography algorithm TPM2.0, while also providing a set of security policy configuration management tools.

1. It supports various underlying compilation libraries for secondary development. Supports compilation and development tools such as GCC, Binutils, GDB, Make, CMake, G . Provid rich development tools and a complete Linux development environment. Support programming languages and development libraries such as Java, C, C , Python, Perl, Shell, Ruby, PHP, Tcl/Tk, Lisp, QT, Golang, Rust, OpenGL, Cairo, GTK.Support development environments such as QT, Eclipse, Visual Studio Code.

2.In terms of versionit has achieved support for multi-CPUarchitectures with the same origin. Adopting a standard system software structure, it is divided into source code packages and binary packages. Under the automated compilation platform, it includes both source code packages and multi-CPU architecture binary packages, as well as corresponding repositories. Meanwhile, according to user business needs, operating system resources unrelated to these businesses can be reduced and optimized, such as drivers, file systems, unnecessary application interfaces, etc., further enhancing the performance and security of the entire system. It is also possible to merge code modules and add functionality at the source code level.

Application Field

Gryphon OScomplies with the Posix series standards and is compatible with Linux object code. Large applications on the Linux platform, such as graphical environments and Oracle database services, can run directly on Gryphon OS , which has expanded the application range of Gryphon OS.Itcan mainly be deployed on servers that run businesses and can also be customized and optimized according to application scenarios. It can be applied to key security departments such as government, national defense, and e-Government, as well as industries such as petroleum and petrochemical, steel and iron metallurgy, coal, power, water conservancy, tobacco, transportation, education, and healthcare, effectively ensuring the safety and reliability of the system.

3.Upgrade and migrate security functions such as identity identification and authentication, fine-grained autonomous access control, role-based mandatory access control, IAC based mandatory access control, MLS based mandatory access control, trusted paths, prohibition of object reuse, security auditing, and file integrity checking, etc.

4.Trusted Grub based on the cryptography algorithm TPM2.0. During the grub phase, the cryptography algorithm TPM2.0 chip is used to measure the system kernel image, initrd, and boot configuration files. Meanwhile, the cryptography algorithm TPM2.0 chip can also measure the kernel image, initrd, and boot configuration files through CPU and cryptography algorithm TPM2.0, ensuring the credibility of the boot system.

5.Trusted Boot. Throughtrusted kernel module,the executable files of all processes started during the operating system boot process are measured and extended to the trusted chip PCR, ensuring that each program starts in the same order, the entire system operating environment is trusted after system boot.

6.Process Trusted Measurement. Measure whether the content of the executable file has been changed before all programs run through a trusted kernel module. If it has been changed, reject the program, and provide the ability to recover the file.

7.Trusted identity authentication is based on cryptography algorithm TPM2.0. Login authentication utilizes the cryptography algorithm TPM2.0 trusted chip to realize local login"Three Kinds of Right"users, which uses the hash operation and NV storage function of the trusted chip. It combines traditional login authentication methods with the TPM2.0 trusted chip. Login authentication transforms password information from traditional file storage to NV space storage of trusted chips and implements the hash operation on password information using the trusted chips.

8.Transparent file encryption system based on TPM2.0. The encrypted file system layer is inserted as a "filter" between the VFS (Virtual File System Layer) and the underlying physical file system. The write request to the encrypted file reaches the VFS layer through the system call layer, and the VFS transfers the request to the encrypted file system component for processing. After processing, the request is transferred to the lower physical file system. Conversely, when reading requests (including opening files), data undergoes transparent encryption and decryption based on the cryptography algorithm.

9.Supports various important information system network transmission protocols, including HTTP, DNS, DHCP, FTP, SMTP, IMAP, Samba3, OpenLDAP, NTP, TFTP, IPv4, IPv6, Squid, SNMP, SSH and Modbus, OPC UA, CAN, DNP3, CIP, EtherCAT, ProfiBus, Fieldbus, OpenSCADA, ScadaBR, OpenEEmeter, etc.