A Survey of Some Theoretical Aspects of Multiprocessing
ACM Computing Surveys (CSUR)
The nucleus of a multiprogramming system
Communications of the ACM
Dynamic verification of operating system decisions
Communications of the ACM
Analysis of boolean program models for time-shared, paged environments
Communications of the ACM
The working set model for program behavior
Communications of the ACM
The structure of the “THE”-multiprogramming system
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
The design of the Venus Operating System
SOSP '71 Proceedings of the third ACM symposium on Operating systems principles
A hardware architecture for implementing protection rings
SOSP '71 Proceedings of the third ACM symposium on Operating systems principles
Some deadlock properties of computer systems
SOSP '71 Proceedings of the third ACM symposium on Operating systems principles
Proceedings of a symposium on Compiler optimization
Design of a time-sharing system allowing interactive graphics
ACM '68 Proceedings of the 1968 23rd ACM national conference
Multiprocessors, semaphores, and a graph model of computation
Multiprocessors, semaphores, and a graph model of computation
AFIPS '76 Proceedings of the June 7-10, 1976, national computer conference and exposition
| Hi-index | 0.00 |
The major thrust toward providing secure computing facilities has gone into the design of, or models for, new operating systems. Work directed toward securing current systems has, for the most part, taken the form of penetration attempts. Penetration efforts have led several authors to identify generic weaknesses, but grouping by weakness has not led to formal methods. An approach showing greater promise in identifying trouble spots, as well as characterizing existing operating systems in a more general sense, lies in forming graph models in which nodes are program modules or data structures, and arcs are access or shared resource synchronization paths. A given system should be capable of reduction to a graph of this sort by appropriate analysis of its load modules.