Download 1. design principle

COMPARISON OF UNIX AND WINNT OPERATING
SYSTEM
CS – 550
COMPARITIVE OPERATING SYSTEMS
PROF. MARIUS SONERU
BY
SRIVATSAN NATARAJAN
359-96-880
INTRODUCTION:
The past few decades have seen a tremendous improvement on the design and performance of
operating systems. However the fundamental services provided by an operating system remain
the same. First they make computer hardware easier to use. Second the operating systems shares
the resources among the different users and effectively manage them. The design of operating
system is becoming more modular. The operating systems have evolved in a great way from the
earliest Simple batch systems to monolithic design to Layered approach and now finally an Client
server or Micro kernel approach. The monolithic operating systems are organized more
haphazardly and don’t enforce any data hiding in the operating system. It delivers a better
application performance but extending such a system is difficult. E.g. MS-DOS and CP/M. The
layered operating system is organized in to hierarchy of modules and provides better extensibility.
The advent of new concepts in operating system design, micro kernel is aimed at migrating
traditional services of an operating system out of monolithic kernel in to user level process.
In spite of these developments, time and often software engineers face the question which
operating system to choose. Is Unix better than Windows for this application? Or is Sparc-solaris
more reliable than Sparc-x86? The choice between two operating system is a complex issue and it
is decided after considering a lot of factors including performance and efficiency. This paper
deals with comparing a powerful computer operating system developed by Bell labs namely Unix
and an operating system from Microsoft called WinNT . Unix is very popular among the
scientific, engineering and academic communities because of its multi-user, multi-tasking
environment, flexibility and portability, electronic email and networking capabilities.
But WinNT has been designed mainly for client-server applications. It is often necessary that
separate applications running on different machines using different operating systems and written
in a wide variety of language needs to be tightly coupled and locally integrated. This paper is
organized in a way as to compare these two operating systems based on the following issues:
 Design principle
 Programmer interface
 User interface
 Process management
 Memory management
 File system
 I/O system
 Inter-process communication
 Protection and security
A detailed critique is provided at the end of each section and finally based on my research
there is a conclusion suggesting which operating system fits best in a given application.
1. DESIGN PRINCIPLE
Design of Unix:
The Unix system is functionally organized at three levels:
 The kernel, which schedules tasks and manages storage.
 The shell, which connects and interprets user’s command, call programs from memory
and executes them.
 The tools and application that offer additional functionality to the operating system.
The Unix design is highly modular. As we see the user programs have to communicate only with
the shell layer, which in turn passes hardware requests to the kernel, which is the only layer that
talks to the hardware.
User environment (Tools and applications)
Shell
Kernel
Hardware
Fig.1
GENERAL ARCHITECTURE OF UNIX
The kernel:
The heart of the operating system, the kernel controls the hardware and turns part of the
system on and off at the programmers command.
The Shell:
There are several types of shell, mostly command driven Bourne and C shell and menu
driven shells that make it easier for programmers to use. The shell function remains the same it
acts as an interpreter between user and computer. The shell also provides the functionality
“pipes” where by a number of commands can be linked together by user.
Tools and Applications:
There are hundreds of tools available to Unix users, some of which have been written by
third party vendors for specific applications. Typically, tools are grouped in to categories for
certain functions, such as word processing, business applications.
Design of WinNT:
NT runs in two modes:
 Kernel mode (Ring 0) - Executive which runs in protected memory mode with full
privileges.
 User mode (Ring 3) - Runs with privileges to access its own memory area. User
applications and environmental subsystems execute in this mode.
Applications are allocated a virtual 4Gb of memory with 2 for the user and 2 for executive
services.
NT is modular in nature allowing it to have cross platform portability due primarily to the HAL
module described below. The NT Architecture has 5 layers.
1. Application - Runs in user mode.
2. Subsystems - Runs in user mode.
3. Executive Services - Runs in kernel mode.
4. Kernel - Runs in kernel mode.
5. HAL - Runs in kernel mode.
The NT architecture model in more detail, from the top down:
1. User Level - The environmental subsystem and user applications execute at this level
which runs in Ring 3, a non-privileged processor mode. User mode code can be
preempted, is pageable, and can be context switched. User applications must use
executive services to access devices or memory. The user mode subcategories are:
1. Applications
2. Subsystems
 Environmental - Each subsystems have an API to allow programs to run.
The subsystems are called server objects and the applications are client
objects.
 OS/2 - Supports OS/2 Applications. Interfaces with executive
services (driver calls) and Win32 subsystem(display calls).
 Win32 - Supports the Windows native 32 bit applications and
includes support for other systems. This is also called the
Client/Server Runtime (CSR) subsystem which allows the
system to be shut down, text windows to be displayed and
provides error handling by supporting console and
miscellaneous functions.
 NTVDM - NT's virtual DOS machine emulated DOS
allowing DOS applications to run.
 Win16 Subsystem, Windows16 on Windows32
(WOW) - Supports 16 bit Windows applications.

POSIX - Supports POSIX Applications. Interfaces with
executive services (driver calls) and Win32 subsystem (display
calls).
 Security - Includes the Logon Process and Security Subsystem - An
authentification package is built by the security subsystem and it is sent
to the Security Reference Monitor.
2. Kernel Level also called executive services run in the protected mode of the processor
ring. Cannot be paged or context switched.
1. Executive Services layer - It supports device drivers, memory management, I/O,
processes, threads, IPC, security, window management and graphics device
interaction.
2. Windows NT Kernel layer - This is the kernel itself which supports
synchronization, thread management, context switching, multiprocessor load
balancing, exception handling and interrupt handling. It interfaces to the
hardware abstraction layer.
3. Hardware Abstraction Layer (HAL) - Isolates the hardware from the system for
multi-platform support.
In Original Windows systems, the GDI part of the operating system performs graphic
functionality for the system and the USER portion is the window manager. In earlier versions of
Windows, the GDI and USER parts of the system were included in the WIN32 subsystem. In
Windows NT 4.0, these parts of the system were moved into the kernel mode and made part of
the executive services.
The Executive Service Layer
It serves as the interface between the user and kernel levels and is composed of the following
modules:
 Object Manager monitors the creation and use of objects. It also manages the global
name space where access to all local objects is controlled.
 Security Reference Monitor is responsible for enforcing the access-validation and auditgeneration policy as defined by the Security subsystem.
 Process Manager creates and deletes processes and also tracks process objects and thread
objects.
 Local Procedure Call Facility, using a client/server relationship, provides a
communications mechanism between the applications and the Environmental subsystem.
 Virtual Memory Manager maps virtual addresses in the user’s address space to physical
pages in the computer’s memory.
 I/O Manager manages all input and output for the operating system, including cache
manager, file system drivers, hardware device drivers, and network device drivers.
 Win32K window manager and GDI - Functions from Win32k.sys for graphics support
and communication with graphic devices.
 Graphics device interface (GDI) - Enables graphics devices to communicate with NT.
 Hardware Device drivers - An interface between specific hardware devices and NT which
interfaces to HAL.
2. Programmer Interface
Programmer interface in Unix:
Unix consists of two separable parts like most other computer systems.
 Kernel: everything below the system call interface and above the physical hardware.
Provides file system, CPU scheduling, Memory management and other OS functions through
System calls.
 System Programs: Uses the Kernel supported system calls to provide useful functions,
such as compilation and file manipulation.
The system calls provide programmer interface in Unix. There are roughly three types of system
calls in Unix. File manipulation (Same system calls also support device manipulation), Process
control, and Information manipulation. We will look in to more about these in file system and
process management. Apart from that what we need to know is that the process can ask for their
process identifier, group identifier and the name of the machine they are executing. The
/usr/include/sys/timepps.h header file defines the API interface routines and data
structures. The API in Unix is all written in C.
3. User Interface
User Interface in Unix:
The user interface Unix is of two types
 Command line
 Graphical User interface.
The command line interface is not very convenient but very powerful in the Unix operating
system. The user has to type in the Commands manually and has to remember the exact
syntax. However a user can pass any number of arguments to the program and this greatly
increases the computational power. The graphical user interface is used mostly with related to
web based applications so that the end user finds comfortable to navigate. The older versions
of Unix didn’t have GUI but the newer versions have incorporated this in their system. For
e.g. CISCO secure Unix graphical user interface. Different vendors have their own GUI
based applications.
User Interface in WinNT:
The user interface in WinNT is mainly of graphical only. Although Ms-Dos has command line
interface, it is not used widely now. For this also the user has to remember all the syntaxes. But
WinNT is much more user oriented operating system and is very convenient also.
4. MEMORY MANAGEMENT
Memory management in Unix:
The Unix kernel divides the memory in to manageable chunks called “Pages”. A single page
of memory is usually 4096 or 8192 bytes (4or 8 kb). Memory pages are laid down
contiguously across the physical and virtual memory. The memory management is carried out
in two different ways in Unix they are swapping and Virtual Memory demand paging.
 Swapping – The process are moved in and out of the memory. The algorithm used is first
fit. It was used mainly because of less system over head. This technique is no longer in
practice.
 Virtual memory – This is the most popular technique used for managing the memory
pages. Demand paging is used to move pages in and out of the memory. The pages are
created only for the process that actually execute. When a process access a code that is
not in main memory a page fault occurs. This more popular because many process are in
the memory at the same time when compared to swapping. There are many algorithms
which implement this technique like FIFO, LRU second chance etc. These algorithms
work in a fashion as to produce minimal page fault.
Memory management in WinNT:
The architecture of Windows NT includes memory protection. It uses:

Demand-paging - The process of swapping memory between the RAM and the hard
drive. The virtual memory manager performs this function.

Virtual memory - Sets up virtual memory space larger than physical RAM by using the
hard drive and swapping memory between RAM and the hard drive.

Flat, linear address space accessed using 32-bit addresses. Up to 4G can be addressed at a
time with 2G reserved for kernel use and the other 2G for user applications.
The system uses permanent and temporary swap files to support demand paging. RAM is
managed in 4K byte sized pages. The permanent swap file stays the same size and temporary
swap files expand in size as required. The permanent swap file size is controlled by the
PAGEFILE.SYS file which is a system file that cannot be deleted. There can be one page file on
each system hard drive and NT works fastest this way. Windows has an algorithm called the least
recently used (LRU) algorithm which aids in managing these swap files. Page file characteristics:

Default size at installation is 11M + physical RAM.

The minimum size is 22M suggested by Microsoft

The maximum size is three times physical RAM.
Windows NT takes about 10M of memory for its own use. The minimum size page file size that
can support Windows NT on a given system can be expressed with the formula (RAM - 10M) +
pagefile = 22M. This formula can be simplified to (pagefile size) = 32M - RAM. Therefore, on a
computer with 24M of RAM, the minimum pagefile size should be no less than 8M. To modify
page file settings, open the control panel, run the System applet, and select the Performance tab.
Multiple page files may be created on one or more disk drives. Putting a pagefile on each disk
makes the system run faster since pagefile requests are performed on all available page files. NT
will write to the pagefile with the most free space first. The system works faster if the system files
and the pagefile are on a different drives. Minimum page file size is 2Mb according to some
documentation.
Windows NT supports up to 4 G of virtual RAM. There may be up to 2G of virtual memory
storage allocated by the virtual memory manager for each application.
5. PROCESS MANAGEMENT
Process Management in Unix:
Process is a program in execution. Their process identifier an integer identifies processes.
We will see how the Unix kernel manages processes. For each new process created the kernel sets
up an address space in memory. The address space consists of logical segments. Each process has
two stacks a User stack and a Kernel stack. At least two different modes of operation are used by
the Unix the more privileged kernel mode or less privileged User mode.
Kernel mode Process carrying out Kernel instructions is said to be running in the Kernel mode.
Essentially a mode switch occurs and control is transferred to the Kernel when the user program
makes a system call. The kernel then executes the instructions on users behalf. While in the
kernel mode the process may access the data and code of any process.
User mode Process, created directly by the users and running on the CPU are said to be in User
mode. The process doesn’t have the privileges of the kernel mode that is they can access the data
of other processes. The process of moving processes in and out of the CPU is called context
switching. Thus the kernel makes the operating system Multi-tasking.
Process in Unix communicates with each other by Pipes, queues of bytes between twp processes
that are accesses by a file descriptor. All user processes are descendants of one original process
init. Init forks a Getty process; initializes terminal line parameters and passes the user’s login
name to login.
Shell process
Parent process
Shell process
Fork
wait
Child
process
Execve
Program
Program
executes
exit
Illustration of process control calls in Unix
Process Management in WinNT:
When dealing with process two terms must be understood:

Thread - The most basic entity that can be scheduled.

Process - Made of one or more threads it is generally a program which may create other
threads that run semi-independently of its process.
NT uses preemptive multitasking to manage processes but supports cooperative multitasking.

Preemptive Multitasking - Threads may be assigned relative priorities.

Cooperative Multitasking - Process in which the applications cooperate by releasing
control of the processor. Windows 16 bit applications run this way.
6.FILE SYSTEM
File system in Unix:
The Unix file system supports two main objects files and directories. Directories are just
files with special format so representation of the file is the basic UNIX concept. Data blocks take
up most of the file system. 4.2 BSD uses two 4.2BSD uses two block sizes for files, which have
no indirect Blocks. All the blocks of a file are of a large block size (such as 8K), except the last.
The last block is an appropriate multiple of a smaller fragment size (i.e., 1024) to fill out the file.
In UNIX the file system can refer to virtual file system or physical file system. A file is
represented by an inode. The inode type field distinguishes between files and directories. The one
file system that the user usually sees consists of several physical file systems each on a different
device. The root file system is always available on the device where as the other file systems may
be integrated in to the directory hierarchy of the root system by mapping. In unix / is the root
directory. There are special files called device files, which contain information about the various
devices attached to the system. The kernel uses a < logical device number, node number> pair to
identify a file. The later version of Unix introduced Cylinder group, which allows localization of
blocks in a file.
File system in WinNT:
FAT Filesystem Characteristics
Used with DOS, it can only support partitions up to 4 G. No spaces are allowed in the file name.
FAT32 or VFAT Filesystem Characteristics
VFAT - Virtual File Allocation Table introduced by Windows 95. Some documentation says
NTWS cannot use FAT32.

Filenames up to 255 characters long.

Names begin with a letter and exclude " / \ [ ] : ; | = , ^ * ?

The last part is the extension but spaces can be used

It supports file attributes used by DOS such as read-only, archive, system, and hidden.

Won't support running POSIX applications.
RISC computers can only boot from FAT filesystems. FAT filesystems support dual booting of
operating systems. FAT partitions provide no local security, only share level security.
NTFS Filesystem Characteristics

Filenames up to 255 characters long

File names preserve case but are not case sensitive.

Exclude " / \ < > : | * ?

Supports built in file compression as a file attribute. Compression is applied to files in a
folder if that folder has its compression attribute set. Also optionally sub folders and their
contents may be compressed. Compression is not supported if the cluster size is above
4K in size. Moved files retain their compression attribute, but if they are copied they will
assume the compression attribute of the target folder.

Provides automatic transaction tracking of disk activity for correcting corrupt or failed
operations.

Supports auditing.

Provides sector sparing

There is a recycle bin for each user

Windows 16 bit and DOS environments can't use this filesystem.

A master file table is used to save individual file, boot sector, disk structure, and file
recovery information.

Automatically makes 11 character DOS file names. When the first 8 characters of long
filenames match, the first four DOS file names use the first for characters of the long
name, the ~ and 1, then2, etc. After the fourth duplicate name, the first two characters are
used, then the next four characters are hashed, then the ~ character then a number. The
first two duplicate file names may be: DOCU~1.DOC and DOCU~2.DOC. The long
extension is used as part of the extension for the 8.3 filename alias.Directory entries used
by long filenames include 1 for the 8.3 alias and 1 for each 13 characters in the long
filename.

Provides file logging ability and file recovery.

Supports POSIX.

Maximum file or partition size of 16 exabytes.

Supports file sharing with MacIntosh clients.

The disk is in 8M bands with a 2K file allocation map between each band. The 2K map is
a map for the associated 8M band. This structure is called the BTREE and is used to
reduce fragmentation.
On RISC computers a FAT filesystem of at least 2Mb must exist to boot from and an NTFS
volume can exist to install NT on. If installing DOS with NT, install DOS first so DOS will not
corrupt the NT boot sector and stop the NT boot manager from running. Floppies are formatted as
FAT, not NTFS.
Partitions
A hard drive may be split into partitions. NT uses two main partitions but I believe these two may
be installed on one partition. There can be up to 4 primary partitions and only one extended
partition which may include several logical drives. Only one partition may be active at a time. On
IBM compatible computers, only a primary partition may be a system partition which is where
the NT boot loader must reside.

System - Stores system files for booting such as NTLDR, BOOT.INI, and
NTDETECT.COM.

Boot - WINNT_Root partition where system files are
The filesystem containing the boot files is referred to as the system partition and the partition that
contains the WINNT40 directory is the boot partition.
Volume Sets
A volume may span several partitions and includes:

The disk directory area also called the root directory.

Allocation tables to track used disk space.
Characteristics and limitations:

A volume may contain 1 to 32 disk areas and can be formatted as FAT or NTFS.

These combined areas cannot be split or one part of a volume can't be deleted without
destroying the entire volume.

They may contain disk areas from various drive types such as IDE or SCSI.

NT system and boot partitions cannot be part of a volume set. Windows 95 and DOS
don't recognize volume sets.
Stripe Sets
A stripe set is established using free space from between 2 and 32 physical hard drives. The free
space on each drive must be the same capacity. Data is written is 64k blocks simultaneously on
each drive in the stripe set which increases disk drive read and write access speed. NTWS
supports stripe sets, but not stripe sets with parity. NT workstation does not support disk drive
fault tolerance, only supporting stripe sets without parity and sector sparing.
NT system and boot partitions cannot be part of a stripe set.
Other NT fault tolerant options include:

RAID 5 or stripe sets with a parity drive

Disk mirroring

Sector hot fixing
Other NT file and filesystem characteristics that enhance file storage:

Confirmation that hard drive write requests were done.

Disk cache is used to store data going to or from the disk to speed up access time. This is
referred to as lazy writing.

Hard links are used to tie file physical location to multiple file names.
7. I/O SYSTEM
I/O system in Unix:
The I/O system hides the kernel from the complications of I/O devices. The general
I/O system consists of a buffer caching system, general device driver code and drivers
for specific hardware devices. The basic model of the Unix I/O is a sequence of bytes
that can be accessed either randomly or sequentially. There are no access methods and
control blocks in a typical UNIX user process. Unix process use descriptors to
reference I/o streams. The block buffer cache consists of buffer headers each of which
point to a physical memory as well as block number and device number in the device.
The buffer cache size determines the system performance. The block device has a
character interface or raw device interface it bypasses the buffer block cache unlike
the buffer interface. Terminal device drivers use character-buffering system, which
involves keeping small blocks of data in link lists. In addition to the traditional read
and write system calls, 4.2BSD introduced the ability to do scatter/gather I/O. Scatter
input uses the readv system call to allow a single read to be placed in several different
buffers. Conversely, the writev system call allows several different buffers to be
written in a single atomic write. Instead of passing a single buffer and length
parameter, as is done with read and write, the process passes in a pointer to an array of
buffers and lengths, along with a count describing the size of the array.
8.INTER PROCESS COMMUNICATION
Inter process communication in Unix:
There are several ways by which processes can talk to each other in Unix. A brief explanation
about them is given about them.
 Pipe is the IPC mechanism, which is most characteristic of Unix. It permits a reliable
uni-directional byte stream between two processes.
 Message queues, it works kind a like FIFO but supports some additional functionality. In
short a process can create a message queue or connect to an existing one this way the
process communicate with each other.
 Shared Memory and Semaphores, two processes share a piece of common memory,
which is protected by a semaphore.
 Sockets are end point of communication. It’s a two-way communications pipe, which
can be used to communicate in a wide variety of domains. There are a wide variety of
Socket types Stream Sockets, Sequenced packet sockets, datagram sockets, raw sockets.
These are not discussed here due to constraint of number of pages.
Inter process communication in WinNT:
In WinNT also there are different ways by which processes can talk to each other.
mechanisms that are used in WinNT for inter process communication are given below:
 DDE
 OLE 1.0 & 2.0
 NETBIOS
 NAMED BIOS
 WINDOWS SOCKETS
 MAIL SLOTS
 SEMAPHORES
 RPC
 MEM-MAPPED FILE
The
9.PROTECTION AND SECURITY
Protection and Security in Unix:
Computer security is defined as maintaining the
 Confidentiality --- Ensuring that the information is not accesses by unauthorized persons,
 Maintaining the integrity of the data
 Maintaining the authentication to see that no authorized user logs in to the system.
The availability of the source code for the Unix operating system has been a boon for security
administrators. The security is implemented in Unix by various software’s, which are
commercially marketed. Some of the network security tools in Unix are ipacl, logdaemon, port
map, and rpcbind, Sara, Satan etc. Various companies market these and a further discussion about
these packages will be beyond the scope of this case study.
Protection and Security in WinNT:
Windows NT security features:

Logon Characteristics:
Mandatory Logon, Restricted user mode - User mode programs can't run during logon,
Physical logon - The CTRL-ALT-DEL sequence forces physical logon at the local terminal.

Memory protection

Auditing

Limited Network Access
NT security is provided by the Security Reference Monitor executive service. When a user
attempts to access files, this part of the system will be sure they have permission before the access
is allowed. When a user tries to run a program, and thus perform a function, the security reference
monitor will be sure the user has rights to run the program. The term rights are used to refer to the
user's ability to perform a function and the term permission is used to refer to a user's ability to
access a resource such as a file or printer, but sometimes the terms are used interchangeably.
Evaluation:
Coming to the analysis of both the operating systems, unix always has an edge compared to
other operating systems. WinNT is mainly used for small organizations and companies. But
after Windows 2000 was introduced to the market it has taken the place of WinNT.
The Unix OS is widely used by scientists, and big organizations around the world. It is much
more modular, highly portable etc. For an ordinary programmer, the WinNT would look like a
better operating system. But the fact remains that Unix is preferred my many experienced
programmers, computer scholars around the world. In all the topics discussed earlier although it
seems WinNT runs parallel with Unix, which is not the case.
I would dwell more on evaluation and analysis of the two operating systems during my
presentation. I think that would make a better perspective of both the operating systems.
Conclusion:
Unix first introduced the concept of standard hardware independent operating system. As more
flexibility and functionality were needed over the period of time there was a necessity to go in for
further developments and innovative ideas, which gave birth to the micro-kernel approach. To
support addition of function to Unix and its migration to distributed environments it is desirable
to map Unix in to a micro Kernel architecture. The key characteristic that distinguishes microkernel operating system from their macro kernel is their modularity. Micro kernel operating
systems are structured as a collection of co-operative servers running above a minimal kernel.
Structuring the operating system in this way offers a number of potential benefits like including
ease of distribution, reconfigurablity, extensibility, portability and correctness.
WinNT doesn’t lag behind although it has its own pitfalls. The major plus point for this
operating system is the standard graphical user interface that is not present in Unix. Everybody
uses their own graphical user interface in Unix. WinNT is mainly used in places where the
capacity of the server is very small, mainly for small organizations. Already Microsoft has
produced as advanced version of the WinNT that is Windows 2000.
In my opinion, Unix stands superior to WinNT.
References:
 A new look at the micro-kernel based UNIX operating system lessons in performance
and compatibility by Allan bricker, Michel gien, Marc Rozier and co.
 http://www.nmt.edu/tcc/help/unix/unix_cmd.html
 Operating systems by William Stallings.
 Most of the resources are online and I have done my search extensively in www.sun.com
and www.google.com.
Please note that the above-mentioned papers are also online at www.faqs.org