Can we make operating systems reliable and secure?

@article{Tanenbaum2006CanWM,
  title={Can we make operating systems reliable and secure?},
  author={Andrew S. Tanenbaum and Jorrit N. Herder and Herbert Bos},
  journal={Computer},
  year={2006},
  volume={39},
  pages={44-51}
}
Microkernels, long discarded as unacceptable because of their lower performance compared with monolithic kernels, might be making a comeback in operating systems due to their potentially higher reliability, which many researchers now regard as more important than performance. Each of the four different attempts to improve operating system reliability focuses on preventing buggy device drivers from crashing the system. In the Nooks approach, each driver is individually hand wrapped in a software…
puffs - Pass-to-Userspace Framework File System
Fault-tolerant and secure operating systems are a worthwhile goal. A known method for accomplishing fault tolerance and security is isolation. This means running separate operating system services in…
Performance Optimizations for Isolated Driver Domains
(ABSTRACT) In most of today's operating system architectures, device drivers are tightly coupled with other kernel components. In such systems, a fault caused by a malicious or faulty device driver…
Reorganizing UNIX for Reliability
The architecture of MINIX3, a modular UNIX-compatible operating system that provides reliability beyond that of most other systems, is discussed; it is designed to survive and automatically recover from failures in critical modules, transparently to applications and without user intervention.
Improving system security through TCB reduction
This work shows how the security-critical part of the OS, the so-called TCB (Trusted Computing Base), can be reduced from millions to less than a hundred thousand lines of code to achieve these security goals.
Building a reliable operating system
CuriOS is presented, an operating system that incorporates several new error management techniques that significantly improve reliability and that achieves inter-client isolation by curtailing error propagation within services.
Faster Recovery from Operating System Failure and File Cache Missing
Rebooting a computer is one method to fix operating system (OS) failures. However, this method causes two problems. First, the computer will not be available until the rebooting is finished. Second, …
THE NEW APPROACH TO IPC IN THE MICROKERNEL USING SOFTWARE ARCHITECTURE
This paper uses a software architecture style based on event-driven, message-passing communication to define a framework for interaction among the processes running on an OS, and proposes a method that can improve the interaction between the OS and its processes.
Improving Xen security through disaggregation
This paper introduces work to disaggregate the management virtual machine in a Xen-based system, and describes the implementation, which moves the domain builder, the most important privileged component, into a minimal trusted compartment.
Even more patterns for secure operating systems
This work presents patterns for the representation of processes and threads, emphasizing their security aspects, and presents a pattern to control the power of administrators, a common source of security problems.
Virtual execution environment for robust real-time systems
VEER is a Virtual Execution Environment for Robust real-time systems that allows consolidation and partitioning of the subsystems of real-time embedded systems for better recoverability and service availability, and reduces recovery time through fault containment.

References

Improving the reliability of commodity operating systems
Nooks, a reliability subsystem that seeks to greatly enhance operating system reliability by isolating the OS from driver failures, represents a substantial step beyond the specialized architectures and type-safe languages required by previous efforts directed at safe extensibility.
An empirical study of operating systems errors
A study of operating system errors found by automatic, static, compiler analysis applied to the Linux and OpenBSD kernels found that device drivers have error rates up to three to seven times higher than the rest of the kernel.
Recovering device drivers
A new mechanism is presented that enables applications to run correctly when device drivers fail; it assumes the role of the failed driver during recovery and imposes minimal performance overhead.
Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines
By allowing distinct device drivers to reside in separate virtual machines, this technique isolates faults caused by defective or malicious drivers, thus improving a system's dependability, and enables extensive reuse of existing and unmodified drivers.
The performance of μ-kernel-based systems
The Linux operating system was ported to run on top of the L4 μ-kernel; comparing the resulting system with both Linux running native and MkLinux, a Linux version that executes on top of a first-generation Mach-derived μ-kernel, demonstrated both that it is possible to implement a high-performance conventional operating system personality above a μ-kernel, and that the performance of the μ-kernel is crucial to achieve this.
The architecture of virtual machines
A virtual machine can support individual processes or a complete system depending on the abstraction level at which virtualization occurs, and replication by virtualization enables more flexible and efficient use of hardware resources.
On micro-kernel construction
Contrary to this belief, it is shown, supported by documentary evidence, that the inefficiency and inflexibility of current μ-kernels are not inherent in the basic idea but stem mostly from overloading the kernel and/or from improper implementation.
The distribution of faults in a large industrial software system
The ultimate goal of this study is to help identify characteristics of files that can be used as predictors of fault-proneness, thereby helping organizations determine how best to use their testing resources.
An empirical study of operating systems errors
A study of operating system errors found by automatic, static, compiler analysis applied to the Linux and OpenBSD kernels is presented.
Software errors and complexity: an empirical investigation
An analysis of the distributions and relationships derived from the change data collected during development of a medium-scale software project produces some surprising insights into the factors…