Method for protecting microkernel OS integrality based on reliable hardware and virtual machine

The invention relates to a completeness protecting method of microkernel operation system based on trusted hardware and virtual machine, which employs a trusted hardware platform and a virtual machine as the safety foundation of a microkernel trusted operation system, uses a double-layer protecting mechanism to ensure completeness of the operation system itself and upper service and application by a virtual machine and a microkernel, and utilizes the trusted platform to realize dynamic metrics in operation system operating process. The invention has the advantages that by virtual machine technique, the resource access operation of the operation system kernel, service and application is effectively monitored, by operation of acquiring and monitoring key resource access operation with the virtual machine, completeness of the system kernel is protected. The system kernel monitored and protected by the virtual machine can also monitor the resource assess right operation of the upper service and application, thereby self-completeness and execution validity of service and application are guaranteed. Dynamic metrics and identification to system kernel, key service and applied behavior are realized in system executing process, and trust chain can be further extended.