18 research outputs found
Performance measurement and evaluation of time-shared operating systems
Time-shared, virtual memory systems
are very complex and changes in their performance may
be caused by many factors - by variations in the
workload as well as changes in system configuration.
The evaluation of these systems can thus best be
carried out by linking results obtained from a
planned programme of measurements, taken on the
system, to some model of it. Such a programme of
measurements is best carried out under conditions in
which all the parameters likely to affect the system's
performance are reproducible, and under the control of
the experimenter. In order that this be possible the
workload used must be simulated and presented to the
target system through some form of automatic
workload driver. A case study of such a methodology
is presented in which the system (in this case the
Edinburgh Multi-Access System) is monitored during a
controlled experiment (designed and analysed using
standard techniques in common use in many other branches
of experimental science) and the results so obtained
used to calibrate and validate a simple simulation
model of the system. This model is then used in
further investigation of the effect of certain system parameters upon the system performance. The
factors covered by this exercise include the effect
of varying: main memory size, process loading
algorithm and secondary memory characteristics
Major Trends in Operating Systems Development
Operating systems have changed in nature in response to demands of users, and in response to advances in hardware and software technology. The purpose of this paper is to trace the development of major themes in operating system design from their beginnings through the present. This is not an exhaustive history of operating systems, but instead is intended to give the reader the flavor of the dif ferent periods in operating systems\u27 development. To this end, the paper will be organized by topic in approximate order of development. Each chapter will start with an introduction to the factors behind the rise of the period. This will be fol lowed by a survey of the state-of-the-art systems, and the conditions influencing them. The chapters close with a summation of the significant hardware and software contributions from the period
Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack
Sharing memory pages between non-trusting processes
is a common method of reducing the memory footprint
of multi-tenanted systems. In this paper we demonstrate
that, due to a weakness in the Intel X86 processors,
page sharing exposes processes to information leaks. We
present FLUSH+RELOAD, a cache side-channel attack
technique that exploits this weakness to monitor access
to memory lines in shared pages. Unlike previous cache
side-channel attacks, FLUSH+RELOAD targets the Last-
Level Cache (i.e. L3 on processors with three cache levels).
Consequently, the attack program and the victim do
not need to share the execution core.
We demonstrate the efficacy of the FLUSH+RELOAD
attack by using it to extract the private encryption keys
from a victim program running GnuPG 1.4.13. We tested
the attack both between two unrelated processes in a single
operating system and between processes running in
separate virtual machines. On average, the attack is able
to recover 96.7% of the bits of the secret key by observing
a single signature or decryption round
Interprocess communication in highly distributed systems
Issued as Final technical report, Project no. G-36-632Final technical report has title: Interprocess communication in highly distributed system
Recommended from our members
Concurrent Execution of Mutually Exclusive Alternatives
We examine the task of concurrently computing alternative solutions to a problem. We restrict our interest to the case where only one solution is needed: in this case we need some rule for selecting between the solutions. We use "fastest first," where the first successful alternative is selected. For problems where the required execution time is unpredictable this method can show substantial execution time performance increases. These increases are dependent on the mean execution time of the alternatives, the fastest execution time, the overhead involved in concurrent computation, and the overhead of selecting and deleting alternatives. Rather than using the traditional approach of multiple computers cooperating on the solution to a problem, this method achieves a solution competitively. Among the problems with exploring multiple alternatives in parallel are side-effects and combinatorial explosion in the amount of state which must be preserved. These are solved by process management and an application of "copy-on-write" virtual memory management. The side effects resulting from interprocess communication are handled by a specialized message layer which interacts with process management. We show how the scheme for parallel execution can be applied to several application areas. The applications are distributed execution of recovery blocks, OR-parallelism in Prolog, and polynomial root-finding
Recommended from our members
A New Protection Model for Component-Based
Protected operating systems multiplex programs onto resources such that they are isolated from one another — that is, concurrently executing programs cannot interfere with each other. A layer of software known as the kernel provides this protection to the software layers above it. Untrusted, ‘user’ programs are prevented from controlling the protection hardware because they are executed when the processor is in user mode — a mode of reduced privilege. In user mode, instructions that can be used to circumvent protection are unavailable; the processor’s instruction-set is reduced.
This thesis introduces a new operating system protection mechanism termed SISR — Software-based Instruction Set Reduction (pronounced scissor). Here, all software (including the kernel) executes in the same processor mode, while both language independence and protection are maintained. Untrusted (that is, ‘user level’) code is prevented from issuing privileged instructions not by reducing the processor’s instruction set, but by scanning code prior to its loading; any code found to contain privileged instructions is not loaded. Memory protection is provided through segmentation. SISR leads to improved architectures (that is, simpler and more modular), and improves performance significantly. Its low overheads make fine-grained protection practical, making it especially well-suited to component-based operating systems.
A prototype system has been built for x86-based PCs as a ‘proof-of-concept’. Significant improvements in architectures have been delivered. Tasks that have previously been inextricably linked (such as interrupt handling and CPU scheduling) have been separated into distinct components. Experiments have demonstrated significant improvements in performance, compared even to the leanest research operating systems
Recommended from our members