Despite decades of research in extensible operating system technology, extensions such as device drivers remain a significant cause of system failures. In Windows XP, for example, drivers account for 85% of recently reported failures.

This article describes Nooks, a reliability subsystem that seeks to greatly enhance operating system (OS) reliability by isolating the OS from driver failures. The Nooks approach is practical: rather than guaranteeing complete fault tolerance through a new (and incompatible) OS or driver architecture, our goal is to prevent the vast majority of driver-caused crashes with little or no change to the existing driver and system code. Nooks isolates drivers within lightweight protection domains inside the kernel address space, where hardware and software prevent them from corrupting the kernel. Nooks also tracks a driver's use of kernel resources to facilitate automatic cleanup during recovery.

To prove the viability of our approach, we implemented Nooks in the Linux operating system and used it to fault-isolate several device drivers. Our results show that Nooks offers a substantial increase in the reliability of operating systems, catching and quickly recovering from many faults that would otherwise crash the system. Under a wide range and number of fault conditions, we show that Nooks recovers automatically from 99% of the faults that otherwise cause Linux to crash.

While Nooks was designed for drivers, our techniques generalize to other kernel extensions. We demonstrate this by isolating a kernel-mode file system and an in-kernel Internet service. Overall, because Nooks supports existing C-language extensions, runs on a commodity operating system and hardware, and enables automated recovery, it represents a substantial step beyond the specialized architectures and type-safe languages required by previous efforts directed at safe extensibility.