CPT304: Operating Systems Theory & Design: Retrospective
Looking back at the past five weeks learning about
operating systems in this course, I now reflect on what I have learned and
address the six discussion points while providing revised versions of the
visual aids that I developed throughout the course.
Describe features of contemporary operating systems and their structures.
There is no single contemporary operating
system, and the unique goals of each computing environment influence the
features and structures of each system. For example, a peer-to-peer network
would be constructed with connectivity and security as high priorities, while
real-time embedded systems require reliability and strict adherence to timed
processes. In general, an operating system must provide a user interface, manage resources,
and execute programs.
User interfaces can range from command line
prompts to complex graphical interfaces. These environments allow humans to
interact with an operating system through input and output devices. The
operating system must manage resources, including memory, storage, file systems,
and I/O devices. The main goal behind managing these resources is to allow
programs to execute. The operating system must coordinate the kernel and
userspace to control access to sensitive system resources without allowing data
corruption by the user or application. The contemporary operating system is
interrupt-driven, a property that allows for switching of resources between the
user and the protected kernel, and system calls allow programs to make requests
of the operating system (Silberschatz et al., 2014). The separation of policy
from mechanisms first becomes apparent in the design of an operating system and
is a common theme across many aspects of operating system implementation.
Discuss how operating systems enable processes to share and exchange information.
A process refers to a program in execution,
and it includes program activity, stack, data section, and heap (dynamically
allocated memory) (Silberschatz et al., 2014). A process control block (PCB)
includes all components of a process and its interactions with system resources
such as process state, program counter, CPU registers, CPU scheduling, memory
management, accounting, and I/O information (Silberschatz et al., 2014).
Coordinating concurrent threads has become a
significant focus of operating system design with multi-threaded processes. A
thread is the basic unit of CPU utilization and includes thread ID, program
counter, register set, and stack (Silberschatz et al., 2014). Multi-threaded
processes have significant benefits, including program responsiveness, resource
sharing, the economy of resources, and scalability (Silberschatz et al., 2014).
There are three main multi-threading models: many-to-one, one-to-one, and
many-to-many. The one-to-one model is probably the most common in modern
multiprocessing systems and is characterized by allowing multiple threads to
run in parallel (Silberschatz et al., 2014). In the absence of parallel
processing, processes may still run concurrently, meaning each process can make
progress through its execution over time, but not necessarily simultaneously
(the operating system can switch rapidly between processes to give the
appearance of parallel processing). There are obstacles to overcome in process
synchronization, including the critical-section problem, which refers to
ensuring that only one process executes its critical section at a time. A critical
section can include operations such as changing variables, updating tables, or writing
to a file. Peterson's solution to the critical-section problem uses flags and
while loops to achieve mutual exclusion, progress, and bounded waiting to avoid
race conditions.
Explain how main memory and virtual memory can solve memory management issues.
Memory management issues arise from pursuing
memory management goals, which include relocation, protection, organization,
and sharing. Relocation refers to moving processes from one part of memory to
another, and it is accomplished by mapping virtual to physical addresses in
real-time (Silberschatz et al., 2014). Protection is necessary to preserve
memory locations from being overwritten in error. It is especially crucial to
ensure that kernel memory cannot be overwritten by user processes, which can be
accomplished through limit registers (Silberschatz et al., 2014). Managing the
transfer of processes between storage or virtual memory and main memory falls
under the principle of organization.
Virtual memory can be used in place of
storage devices in traditional computing, such as disk drives, to extend the
main memory capacity. Virtual memory allows processes to share memory through
the technique known as demand paging, which will enable processes to use only
portions of memory instead of loading a whole process into physical memory
(Silberschatz et al., 2014). Virtual memory can also use copy-on-write,
allowing parent and child processes to share pages (Silberschatz et al., 2014).
Page replacement is a technique used to mitigate page fault penalties, but it
is challenging to program and is usually implemented with an approximation of
least recently used protocols (Silberschatz et al., 2014).
Explain how files, mass storage, and I/O are handled in a modern computer system.
The file system objectives in an operating
system include creating files, writing files, reading files, repositioning
within files, deleting files, and truncating files (Silberschatz et al., 2014).
Multiple users or processes often must share access to files, which creates the
need for techniques such as file locks to ensure access is limited to a single
process (Silberschatz et al., 2014). Modern operating systems often use page
caching with virtual addresses as a more efficient substitute for physical disk
blocks (Silberschatz et al., 2014). Modern operating systems can use multiple
file directory structures, including single-level, two-level, tree-structured,
acyclical-graph, and general graph directories. Each structure is characterized
by interactions between directories, subdirectories, and files. Most structures
do not allow sharing of files, but acyclical graph structures and general graph
structures do. However, general graph structures also allow self-referential
cycles, which can compromise the file system integrity.
Mass storage is commonly implemented on hard
disk drives (HDDs), which store binary data on magnetic disk platters that a
reading head mounted on a disk arm can later recover and load to main memory.
HDDs are non-volatile storage and will retain the information recorded after
power is removed. Solid-state disks (SSDs) are another common mass storage
device that uses flash memory. SSDs are faster than HDDs but degrade more
from repeated read/write cycles. Magnetic tapes can also be used for mass
storage. They are stable but very slow and are used mainly for enterprise
backups. The operating system is responsible for scheduling disk access for
HDDs. Several algorithms are used to determine the order in which each pending
request is serviced. The first-come, first-served (FCFS) method is the simplest and
fairest way to service pending requests but is often the least efficient. The
shortest-seek-time-first or SSTF algorithm can be more efficient than the FCFS
but may lead to starvation of requests located on remote cylinders on the disk
platter. The SCAN algorithm can strike a compromise between fairness and
efficiency as the disk arm oscillates between extremes of the cylinder space
while reading pending requests along the way. In some cases, SCAN can even be
more efficient than SSTF.
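The three disk-scheduling algorithms described above, as an added example (not code from the course or the textbook): it computes total head movement for FCFS, SSTF, and SCAN over a constructed request queue on which SCAN moves the arm less than SSTF. The head position, queue, disk size, and function names are assumptions chosen for illustration.

```python
def travel(head, path):
    """Total cylinders the arm crosses visiting `path` in order from `head`."""
    total = 0
    for cyl in path:
        total += abs(cyl - head)
        head = cyl
    return total

def fcfs(head, requests):
    order = list(requests)                    # arrival order, no reordering
    return order, travel(head, order)

def sstf(head, requests):
    pending, order, pos = list(requests), [], head
    while pending:
        nxt = min(pending, key=lambda c: abs(c - pos))   # greedy: closest first
        pending.remove(nxt)
        order.append(nxt)
        pos = nxt
    return order, travel(head, order)

def scan(head, requests, max_cyl, toward_zero=True):
    below = sorted((c for c in requests if c < head), reverse=True)
    above = sorted(c for c in requests if c >= head)
    if toward_zero:
        first, edge, second = below, 0, above
    else:
        first, edge, second = above, max_cyl, below
    # Classic SCAN runs the arm to the edge of the disk before reversing.
    return first + second, travel(head, first + [edge] + second)

# Constructed sample: 200-cylinder disk, head at 20, six pending requests.
HEAD, MAX_CYL = 20, 199
QUEUE = [60, 19, 0, 28, 15, 22]

def compare(head=HEAD, queue=QUEUE, max_cyl=MAX_CYL):
    return {
        "FCFS": fcfs(head, queue)[1],
        "SSTF": sstf(head, queue)[1],
        "SCAN": scan(head, queue, max_cyl)[1],
    }

if __name__ == "__main__":
    for name, cylinders in compare().items():
        print(f"{name}: {cylinders} cylinders")
```

On this queue SSTF keeps reversing direction to chase the nearest request, while SCAN sweeps each side once; on a queue with no requests near the disk edge, SCAN's trip to the edge can make it the slower of the two.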
I/O devices include storage devices like
disks, transmission devices like network connections, and human interface
devices like screens, keyboards, microphones, clocks, and speakers, among others
(Silberschatz et al., 2014). The operating system interacts with I/O devices
through ports and buses, such as PCI, SATA, SCSI, and ATAPI. The kernel I/O
subsystem interacts with the device drivers on the software side, which in turn
interacts with device controllers on the hardware side, making the devices
work. Polling and interrupts are methods that establish communications
throughout the system (Silberschatz et al., 2014). Direct memory access (DMA)
allows access to device controllers directly without occupying CPU resources.
This method is most often used in the transfer of large amounts of data, such
as between the hard drive and memory (Silberschatz et al., 2014).
Outline the mechanisms necessary to control the access of programs or users to the resources defined by a computer system.
Protection controls access of programs or
users to the resources defined by a computer system. Protection prevents
violation of access restrictions and, more generally, ensures that program
components only access resources in ways defined by stated policies
(Silberschatz et al., 2014). An essential idea governing domain access is the
principle of least privilege, which indicates that users and processes should
possess the minimum authority needed to execute their tasks (Silberschatz et
al., 2014). Traditionally, domain-based protections use access matrices to
document accesses allowed to objects by domains. Domain-based protections are
usually implemented with access control lists (ACLs), which specify which
domains can access which objects. ACLs provide a mechanism to add, remove, or
change domain access through the object side of the access matrix. Capability
lists require each domain to gain access to objects indirectly through
capabilities, which act like tokens that specify which object and which authority the
domain is allowed. Capability lists can operate without the burden of
searching through entire access lists to confirm the authority to access, but
they can make it more difficult to revoke access since there will not be a list of
domains with access for each object. Language-based protection is developing
alongside high-level languages to allow users more flexible and efficient
permissions control.
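The ACL and capability-list views of one access matrix, as an added example (not code from the course or the textbook): it checks access through both views and counts how many lists must be examined to revoke every right to a single object. The domains, objects, rights, and function names are hypothetical.

```python
from collections import defaultdict

# Constructed access matrix (hypothetical domains and objects):
# rows are domains, columns are objects, cells are sets of rights.
MATRIX = {
    ("web",    "site"):   {"read"},
    ("web",    "logs"):   {"append"},
    ("backup", "site"):   {"read"},
    ("backup", "logs"):   {"read"},
    ("backup", "passwd"): {"read"},
    ("admin",  "passwd"): {"read", "write"},
    ("admin",  "logs"):   {"read"},
}

def by_object(matrix):
    """Column view: one ACL per object, listing domains and their rights."""
    acls = defaultdict(dict)
    for (domain, obj), rights in matrix.items():
        acls[obj][domain] = set(rights)
    return dict(acls)

def by_domain(matrix):
    """Row view: one capability list per domain, naming objects and rights."""
    clists = defaultdict(dict)
    for (domain, obj), rights in matrix.items():
        clists[domain][obj] = set(rights)
    return dict(clists)

def allowed(view, outer, inner, right):
    """Default deny: a missing list or entry means no access."""
    return right in view.get(outer, {}).get(inner, set())

def revoke_object_acl(acls, obj):
    """Everything needed is in the object's own list: one list touched."""
    holders = sorted(acls.pop(obj, {}))
    return holders, 1

def revoke_object_caps(clists, obj):
    """No per-object index exists, so every domain's list must be scanned."""
    holders, scanned = [], 0
    for domain, caps in clists.items():
        scanned += 1
        if caps.pop(obj, None) is not None:
            holders.append(domain)
    return sorted(holders), scanned

if __name__ == "__main__":
    print(revoke_object_acl(by_object(MATRIX), "passwd"))
    print(revoke_object_caps(by_domain(MATRIX), "passwd"))
```

Both revocations remove the same two holders, but the capability view has to visit all three domains to find them, and that cost grows with the number of domains in the system.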
Security works with protection to prevent harm
from external environmental factors. Secure systems exist only if resources are
used and accessed as intended. It is impossible to achieve total security, but
mechanisms must still be in place to minimize security breaches (Silberschatz
et al., 2014). Typical security breaches include breach of confidentiality,
breach of integrity, breach of availability, theft of service, and denial of service
(Silberschatz et al., 2014). The four levels of security include physical,
human, operating system, and network. Physical security requires protection
from attacks on the machines and facilities in which operating systems
function. Human security involves protection from intentional or accidental
breaches resulting from tactics such as social engineering or other attempts to
gain unauthorized access from outside the computing environment.
Operating systems can be susceptible to accidental breaches by way of runaway
processes which create a denial-of-service situation. Vulnerabilities created
by stack overflows could also invite intentional attacks from unauthorized
users. Externally launched denial-of-service attacks also constitute security
breaches on the network level (Silberschatz et al., 2014). The mechanisms
needed to protect against security breaches are as varied as the attacks
themselves and range from on-site security and law enforcement to cryptology,
user authentication, and firewalls.
Recommend how you will use these concepts about operating systems theory in future courses and/or future jobs.
I came into this course with very little
knowledge of operating systems, and I have found the content enlightening. I am
certain that the lessons I have learned will be invaluable in my future courses
and hopefully in my career. I do not currently work in the IT field, but I
still use operating systems throughout my entire workday. I have gained insight
into operating systems' design and functionality, which helps me understand how
they work. Perhaps these concepts will aid me in troubleshooting computer
problems of my own or helping others to fix their computers. I am also
interested in expanding my knowledge of real-time embedded systems and their
operating systems due to my background in electronics. I think this course has
given me valuable insight I can use in that field and the IT field. This is an
essential foundation of knowledge that I would not have gained without taking
this course.
References
Silberschatz, A., Galvin, P. B., & Gagne, G. (2014). Operating
system concepts essentials (2nd ed.). Retrieved from
https://redshelf.com/