Isolating Untrusted Extensions in a Multiserver Operating System
- Speaker: Jorrit N. Herder (Vrije Universiteit Amsterdam)
- Date & Time: Thursday 15 November 2007, 16:30 - 17:30
- Venue: Lecture Theatre 2, Computer Laboratory, William Gates Building
Abstract
This talk explores the principles and practice of isolating faulty extensions in order to improve operating system dependability. Several approaches to prevent extensions from crashing the operating system have been proposed, including wrapping, language-based protection, virtualization, and multiserver designs. While there is a consensus that extensions need to be isolated, the crucial question in each approach remains: “Who can do what and how can this be done safely?” In particular, this talk will discuss how MINIX 3, a UNIX-like multiserver operating system, isolates extensions using ordinary processes and a strict interpretation of least authority. We also present the results of extensive fault-injection experiments conducted on a prototype implementation to verify that the proposed protection mechanisms are indeed effective. For the moment, one observation stands out: out of 3,000,000 common, randomly injected faults, no single fault was able to crash MINIX 3.
SPEAKER BIO: Jorrit Herder holds an M.Sc. degree in Computer Science (cum laude) from the Vrije Universiteit in Amsterdam and is currently a Ph.D. student there. His research focuses on operating system reliability and security, and he is closely involved in the design and implementation of MINIX 3.
Series
This talk is part of the Computer Laboratory Systems Research Group Seminar series.