A small guy you can trust is the master of them all
In contrast to a monolithic kernel OS like Linux, a microkernel-based system places only the functionality in the kernel that actually requires the privileged kernel mode of the processor. All other code, which a monolithic design would also put into the kernel, is executed by so-called server tasks in the CPU's user mode. That means the server tasks cannot access the memory of the computer directly but only via virtual address spaces, and the translation from virtual to physical memory addresses is controlled by the kernel. With this concept, the number of lines of code you have to trust, because they run in kernel mode and therefore have uncontrolled access to your computer's hardware, is reduced to a minimum. For this reason, a microkernel-based architecture is ideal for building highly secure operating systems as well as extremely reliable real-time systems. Both are done in research projects at the TU Dresden.
In a monolithic OS design, a lot of functionality that does not necessarily require the privileged kernel mode of the CPU is nevertheless placed inside the kernel.
Out of theory – a demo CD!
But let's put theory aside and get to the point! To make the outcome of their research more easily accessible to the non-OS-research public, on March 13th, 2006 the TU Dresden OS group published a demo live CD, which is the one that gets grilled here. But what does the demo CD of this TUD:OS, which is rather a collection of many research projects than a complete desktop operating system, provide? When you put the CD into your computer and reboot your machine, a GRUB boot loader appears, offering different demo setups, each presenting a specific research result to you. In all of these scenarios, you will find a tutorial browser called Scout supplying information and leading you through the whole tutorial.
Scenario 1: A Nitpicker's guide to a minimal-complexity secure GUI
The first of these GRUB entries guides you to a minimal-complexity secure GUI called Nitpicker. The idea behind Nitpicker is applying the microkernel principle to GUI development: having an extremely small host GUI, Nitpicker, that provides only the absolute minimum of functionality, and then running different guest GUIs on top of it, for instance the L4-native window system DOpE or a conventional X server. With the Nitpicker host GUI you can securely supervise the behavior of your guest GUIs and, in addition, run many applications of these guest GUIs on the same system, completely protected from each other. What makes this extremely challenging is that all of the guest GUIs' windows are integrated into the Nitpicker desktop as if they were native Nitpicker applications. Without a system like Nitpicker, the development of secure GUI applications would hardly be possible. After all, what is the point of having a microkernel protecting address spaces while applications can spy on one another via an insecure GUI server?
With a microkernel-based architecture, the number of lines of code you have to trust is reduced to a minimum. For this reason, it increases the security and stability of your operating system. In addition, it makes a much more flexible and modular OS design possible.
In the Nitpicker scenario of the demo CD, you can check out how it feels to run a native Nitpicker application, the Scout tutorial browser, DOpE and X-Window applications on the same Nitpicker desktop. Furthermore, it lets you experience several practical proofs that Nitpicker keeps its promises, for instance by invoking the X-Window "spy ware" xeyes and trying to spy on a DOpE application or the Scout tutorial browser with it.
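As an added illustration, not code from the TUD:OS project, here is a small Python model of the difference the xeyes experiment demonstrates: on a conventional display server any client may follow the pointer over the whole screen, while a Nitpicker-style server hands input only to the owner of the view under the pointer. The policy names, view geometry and client names are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import NamedTuple
# Illustrative model (not Nitpicker's or X.org's code) of two input-routing policies.
# "shared": any client may subscribe to pointer motion over the whole display, which
#   is how a tool like xeyes follows the mouse across other clients' windows.
# "isolated": motion reaches only the client owning the topmost view under the pointer.

class View(NamedTuple):
    owner: str  # client (guest GUI application) that created this view
    x: int
    y: int
    w: int
    h: int

    def contains(self, px: int, py: int) -> bool:
        return self.x <= px < self.x + self.w and self.y <= py < self.y + self.h

@dataclass
class GuiServer:
    policy: str
    views: list = field(default_factory=list)  # back-to-front stacking order
    global_listeners: set = field(default_factory=set)

    def subscribe_global_pointer(self, client: str) -> None:
        # The isolated server has no such interface to offer at all.
        if self.policy != "shared":
            raise PermissionError(f"{client}: no global pointer events")
        self.global_listeners.add(client)

    def topmost_owner(self, px: int, py: int):
        for view in reversed(self.views):
            if view.contains(px, py):
                return view.owner
        return None

    def pointer_motion(self, px: int, py: int) -> set:
        """Return the set of clients that learn about this pointer position."""
        recipients = {self.topmost_owner(px, py)} - {None}
        if self.policy == "shared":
            recipients |= self.global_listeners  # the leak a spying client relies on
        return recipients

def spied_clients(policy: str) -> set:
    """Constructed scenario: DOpE window and xeyes on one desktop, pointer over DOpE."""
    server = GuiServer(policy, [View("dope_app", 0, 0, 400, 300), View("xeyes", 500, 0, 100, 100)])
    try:
        server.subscribe_global_pointer("xeyes")
    except PermissionError:
        pass  # isolated policy: xeyes only ever sees input over its own view
    return server.pointer_motion(100, 100)
```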