Toward a Self-Stabilized Operating System
Shlomi Dolev, BGU
Reuven Yagel, BGU-Rafael

Talk Outline
• Operating Systems & Self Stabilization
• OS Research
• …..

Operating Systems & Self Stabilization
• Goal: Find the means of making the core (main) components of an OS behave in a Self-Stabilized manner.
• Self Stabilization
  – Usually Distributed Computing Oriented
  – Fair composition [Dolev]
• Operating Systems
  – Top-down vs. Bottom-up view: Virtual Machine vs. Resource Manager [Tanenbaum]

OS Research
• Deprecated by industry & hackers
  – # of courses in univ.
• Base abstraction for higher abstractions (middleware, protocol stacks)
• Essential for system reliability. [kernel projects]
• Operating System.Net (Ideas will move on to distributed OSs – see sciam article, .Net Framework diagram

Top-down vs. Bottom-up
• Top-down
  – Linux kernel: 2M source code lines
  – Windows 2000: ~30M
  – Shell
• Bottom-Up
  – We know what we have!
  – Will take some time to become fully operational.

Research Directions
• Build on Linux
  – Open, Modern, Documented, Unix tradition, Cool…
  – But: “Hackered”, Monolithic
  – Case study for OS components.
• Hardening
  – Security of servers
• SS-Shell
  – First try, difficult to prove.
• Watchdog

The Problem (or: What can go wrong?)
• Everything!
• Soft errors (Processor, Memory, Bus).
  – Approximately 98% of RAM errors are soft errors.
• Software Errors.

Watchdog
• a) Reset processor (+ ROM OS)
• b) Reinstalling OS periodically
• c) Warmboot
• d) Full self-stabilization

Platform
• IA-32 Architecture
  – CPU modes
  – Boot process
  – Memory map, ROM areas
  – Hardware Changes
• Watchdog handler
  – ROM (Liskov’s article), Harvard Model
  – Program Restart OS

Stabilizer Code

Definitions & Assumptions
• Initial Configuration
• Stabilized Processor & Watchdog.
• Processor will react to watchdog interrupt.
• Stabilizer code is stable (ROM)

Proof Sketch
• Lemma 1
• Lemma 2
• Lemma 3
• Theorem

Screen Shots
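
Option (b) on the Watchdog slide combined with the Definitions & Assumptions slide, as an added C simulation that is not from the talk: a watchdog whose handler reinstalls the OS image from ROM returns any starting configuration, including a corrupted watchdog counter, to a legal one within one watchdog period. The image bytes, IMG_SIZE, WD_PERIOD and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

#define IMG_SIZE  16u  /* toy OS image size (constructed) */
#define WD_PERIOD 8u   /* ticks between watchdog firings (constructed) */

/* Stabilizer's source of truth; assumed to sit in ROM, so never corrupted. */
static const uint8_t rom_image[IMG_SIZE] = {
    0x4f, 0x53, 0x2d, 0x49, 0x4d, 0x41, 0x47, 0x45,
    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };

typedef struct {
    uint8_t  ram[IMG_SIZE]; /* running OS copy: may start as anything */
    uint32_t wd_counter;    /* watchdog counter: may start as anything */
} machine_t;

/* One clock tick. Using >= (not ==) bounds the wait for an out-of-range counter. */
static void tick(machine_t *m) {
    if (m->wd_counter >= WD_PERIOD - 1) {
        m->wd_counter = 0;
        memcpy(m->ram, rom_image, IMG_SIZE); /* handler: reinstall from ROM */
    } else {
        m->wd_counter++;
    }
}

/* Ticks until RAM matches the ROM image, or -1 if WD_PERIOD is exceeded. */
static int ticks_to_legal(machine_t *m) {
    for (unsigned t = 0; t <= WD_PERIOD; t++) {
        if (memcmp(m->ram, rom_image, IMG_SIZE) == 0) return (int)t;
        tick(m);
    }
    return -1;
}

/* Arbitrary initial configuration: RAM filled with `fill`, any counter. */
int recover_from(uint8_t fill, uint32_t counter) {
    machine_t m = { .wd_counter = counter };
    memset(m.ram, fill, IMG_SIZE);
    return ticks_to_legal(&m);
}

/* Legal start, then one flipped RAM bit (a soft error). */
int recover_after_flip(unsigned bit, uint32_t counter) {
    machine_t m = { .wd_counter = counter };
    memcpy(m.ram, rom_image, IMG_SIZE);
    m.ram[(bit / 8) % IMG_SIZE] ^= (uint8_t)(1u << (bit % 8));
    return ticks_to_legal(&m);
}
```

The bound holds only because the image and the handler are never themselves corrupted, which is the "Stabilizer code is stable (ROM)" assumption.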