Jon A. Solworth

CS 491: Secure Operating System Design and Implementation

This course covers techniques to design and implement an Operating System (OS). The course is taught bottom up, implementing an Operating System on the Xen virtual machine. The course is based on a web self-taught course, see osdev tutorial.

Are you thinking about taking the course, but are concerned about whether you have the needed background? I've set up a page on piazza where we can discuss this piazza discussion group. We'll use this during the course as well.

e OS's are built on the bare machine. In this course, we'll implement to a virtual machine which is similar, but not identical to the bare metal. Students will learn about coding in C for the kernel, the tool chain (compiler, linker, assembler, ...), architectural issues for OS support, OS structure and design, and secure coding techniques.

Assignments

• Assignment 0: Install VMware on your computer. After you have done that, install fedora14 with Xen Fedora install instructions. (An alternative is to install fedora14 with Xen directly on your computer and boot into Xen. Note if you go this route, you are on your own for installation.)
• Note that the Fedora install instructions/kickstart are provided by Mike Petullo who gave the lecture on them today.
• Assignment 1: Libraries Homework 1.
• Here is the a.tar file to start working on nanoOS Starting tar file for nanoOS.
• Assignment 2: Kernel begins Homework 2.
• Here is the a2.tar file to start working on the third nanoOS assignment Second tar file for nanoOS.
• Assignment 3: Console driver and timer Homework 3.
• Here is some Here are some OS/VM resources.
• Assignment 4: Page Walk Homework 4.
• Assignment 5: Page Allocator Homework 5.
• Assignment 6: Subpage allocator Homework 6.

A version of this course has been taught twice before, with a focus on Ethos, an OS which we are constructing at UIC. The goal of Ethos is to create a more secure platform for computing.

This year, last year's course will be turned upside down! Last year, the course was taught top down explaining the Ethos design and semantics. Much less of Ethos will be covered, more of kernel hacking; nonetheless, if you want to work on Ethos, this is the course to take. There are many other reasons to take this course: it is a must have course if you are interested in systems, it will really hone your programming skills, it will teach you about the structure of OSs, it will teach you about Virtual Machines.

We expect to begin kernel hacking in the second week of the course.

This course will challenge the best of programmers and will significantly improve programming skills no matter what language you use in the future. Two contributors to better skill are learning how to program in the less forgiving kernel programming environment and a better understanding (and thus better reasoning) of how different layers of the system interact. Secure programming in the OS will be taught as well as programming high availability systems.

Recommendation

It is highly recommended that students review material over the break to sharpen their understanding of C and their background in the system layers. (Systems programming requires addressing many concerns; the more facets the programmer understands, the easier the process.) The two best books for this purpose are:

• For a general introduction to the structure of OS, see Maurice Bach.
• For an in depth discussion of systems background, See Bryant and O'Halloran.

Note that Bach is a relatively easy read, but that Bryant and O'Halloran will require you to work through the issues.

News

Workload and needed background

This is an advanced course in Operating System design and implementation. Students are expected to have a solid background in OS, to be strong programmers, and to know well both C and the Unix tool chain (gcc, ld, ...). You have some familiarity with gdb, the UNIX debugger.

• install VMware on your computer; install a Xen-based Linux distribution
• Starting from a start page, begin executing the kernel
• Make Xen hypervisor calls/set up interrupts
• Add a terminal driver
• Write kernel library functions
• Write memory management routines
• Course project

Course work

The course work consists of:

• Programming projects, including a final project
• Presentations
• test and final

Tests will cover conceptual issues from kernel design and programming techniques covered.

Required background

• OS: deadlock, starvation, synchronization, virtual memory
• Architecture: privileged/unprivileged instr., page table, interrupts
• Programming: C programming language, compile time vs. run time, GNU toolkit gcc, make, ld, sh

Academic integrity

Please note that 491 is a rigorous course. It will require substantial work and requires a strong background. Its purpose is to integrate many different issues needed to build an OS.

Students who are caught cheating will immediately fail the course, and have the cheating recorded in their record. For 1st year graduate students (because this is a 5 hour course), this usually results in expulsion from the program. Students who already have been caught cheating will go through disciplinary hearings, with the goal of having them expelled from the university.

Students who fail to demonstrate on tests an understanding of the programs they have handed in will fail the course.

You are not to show your program to anyone nor to look at anyone else's program. You may discuss programming concepts but only in general term.

Covered topics

This course covers network programming and systems programming from the operating system viewpoint. Special emphasis is given on standards based APIs, with explanation of typical interfaces.

Syllabus

SOSDI Syllabus

Texts

• (Required) David Chisnall. The Definitive Guide to the Xen Hypervisor, Prentice-Hall.
• (Required) Kernigan and Ritchie. The C programming language , Prentice-Hall.
• (Recommended) Maurice J. Bach. The Design of the UNIX Operating System, Prentice-Hall, 1986.
• (Recommended) Randal E. Bryant and David R. O'Hallaron, Computer Systems: A Programmer's Perspective, 2nd Edition, Prentice Hall, 2011.

Course details

Call Number:	32690/29907
Meetings:	Time	Room
	12:30-1:45 TTh	LH 300
Teaching Assistant:
	Email:
	Office hours:
	Office location:
Text:	David Chisnall	The Definitive Guide to the Xen Hypervisor, First Edition
		Prentice-Hall

UIC-only Course Materials

If you are a UIC student who is connected through a non-UIC ISP, you can get these handouts via either of two techniques. If you have a fast connection then a) login to a uic machine, b) set DISPLAY to the machine you are working on, c) run netscape, d) save the file, e) copy the file to your local machine. Otherwise, just use UIC dialin accounts to download the files needed.

• Lecture Notes and other Course Materials (available only from uic.edu domain)

Helpful links

This course will tax your skills. Here are some links to help you fill in the gaps:

• Afsheen Rajendran (CS 485 class of 2001)
• Slashdot. News for Nerds. Stuff that Matters

Valid XHTML 1.0 | Copyright © Jon A. Solworth | Design by super j man