CS 486: Secure Operating System Design and Implementation

This course covers techniques to design and implement an Operating System (OS). The course is taught bottom up, implementing an Operating System on the Xen virtual machine. The course is based on a web self-taught course, see osdev tutorial.

Are you thinking about taking the course, but are concerned about whether you have the needed background? I've set up a page on piazza where we can discuss this piazza discussion group. We'll use this during the course as well.

OS's are built on the bare machine. In this course, we'll implement to a virtual machine which is similar, but not identical to the bare metal. Students will learn about coding in C for the kernel, the tool chain (compiler, linker, assembler, ...), architectural issues for OS support, OS structure and design, and secure coding techniques.

Assignments

  • Assignment 0: Install VMware on your computer. After you have done that, install fedora20 with Xen VMware/Xen install instructions.
  • Assignment 1: memory/string/printf (Feb 10) Homework 1.
  • To do assignment 1, you'll need some source code infrastructure a1.tar.
  • Assingment 2: library/malloc/free Homework 2.
  • To do assignment 2, you'll need some source code infrastructure a2.tar.
  • Also for assignment 2, you'll need list.h.
  • Assignment 3: console/timer/events Homework 3.
  • Assignment 4: page walk Homework 4.
  • Assignment 5: page table create Homework 5.

A version of this course has been taught three times before, with a focus on Ethos, an OS which we are constructing at UIC. The goal of Ethos is to create a more secure platform for computing.

This year, last year's course will be turned upside down! Last year, the course was taught top down explaining the Ethos design and semantics. Much less of Ethos will be covered, more of kernel hacking; nonetheless, if you want to work on Ethos, this is the course to take. There are many other reasons to take this course: it is a must have course if you are interested in systems, it will really hone your programming skills, it will teach you about the structure of OSs, it will teach you about Virtual Machines.

We expect to begin kernel hacking in the second week of the course.

This course will challenge the best of programmers and will significantly improve programming skills no matter what language you use in the future. Two contributors to better skill are learning how to program in the less forgiving kernel programming environment and a better understanding (and thus better reasoning) of how different layers of the system interact. Secure programming in the OS will be taught as well as programming high availability systems.

Recommendation

It is highly recommended that students review material over the break to sharpen their understanding of C and their background in the system layers. (Systems programming requires addressing many concerns; the more facets the programmer understands, the easier the process.) The two best books for this purpose are:

  • For a general introduction to the structure of OS, see Maurice Bach.
  • For an in depth discussion of systems background, See Bryant and O'Halloran.
Note that Bach is a relatively easy read, but that Bryant and O'Halloran will require you to work through the issues.

News

Workload and needed background

This is an advanced course in Operating System design and implementation. Students are expected to have a solid background in OS, to be strong programmers, and to know well both C and the Unix tool chain (gcc, ld, ...). You have some familiarity with gdb, the UNIX debugger.
  • install VMware on your computer; install a Xen-based Linux distribution
  • Starting from a start page, begin executing the kernel
  • Make Xen hypervisor calls/set up interrupts
  • Add a terminal driver
  • Write kernel library functions
  • Write memory management routines
  • Course project

Course work

The course work consists of:

  • Programming projects, including a final project
  • Presentations
  • test and final

Tests will cover conceptual issues from kernel design and programming techniques covered.

Required background

  • OS: deadlock, starvation, synchronization, virtual memory
  • Architecture: privileged/unprivileged instr., page table, interrupts
  • Programming: C programming language, compile time vs. run time, GNU toolkit gcc, make, ld, sh

Academic integrity

Please note that 486 is a rigorous course. It will require substantial work and requires a strong background. Its purpose is to integrate many different issues needed to build an OS.

Students who are caught cheating will immediately fail the course, and have the cheating recorded in their record. For 1st year graduate students (because this is a 5 hour course), this usually results in expulsion from the program. Students who already have been caught cheating will go through disciplinary hearings, with the goal of having them expelled from the university.

Students who fail to demonstrate on tests an understanding of the programs they have handed in will fail the course.

You are not to show your program to anyone nor to look at anyone else's program. You may discuss programming concepts but only in general term.

Covered topics

This course covers network programming and systems programming from the operating system viewpoint. Special emphasis is given on standards based APIs, with explanation of typical interfaces.

Syllabus

SOSDI Syllabus

Texts

  • (Required) David Chisnall. The Definitive Guide to the Xen Hypervisor, Prentice-Hall.
  • (Required) Kernigan and Ritchie. The C programming language , Prentice-Hall.
  • (Recommended) Maurice J. Bach. The Design of the UNIX Operating System, Prentice-Hall, 1986.
  • (Recommended) Randal E. Bryant and David R. O'Hallaron, Computer Systems: A Programmer's Perspective, 2nd Edition, Prentice Hall, 2011.