Presentation is loading. Please wait.

Presentation is loading. Please wait.

Self-Stabilizing Operating Systems Shlomi Dolev and Reuven Yagel Computer Science Department Ben-Gurion University of the Negev, Beer-Sheva, Israel SOSP’05.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Self-Stabilizing Operating Systems Shlomi Dolev and Reuven Yagel Computer Science Department Ben-Gurion University of the Negev, Beer-Sheva, Israel SOSP’05."— Presentation transcript:

1 Self-Stabilizing Operating Systems Shlomi Dolev and Reuven Yagel Computer Science Department Ben-Gurion University of the Negev, Beer-Sheva, Israel SOSP’05 \ SIGOPS Doctoral Workshop, Oct 23, 2005

2 2 SOS - Motivation Growing use of autonomous and remote systems (e.g. RFID) Human management is too expensive, risky or just unavailable The combination and type of faults cannot be totally anticipated in on-going systems (due to e.g. SEU\soft errors)soft errors Pentium HALTING problem: “… if the ESP or SP register is 1 when the PUSH instruction is executed, the processor shuts down…”

3 3 Proposed solution To build according to the well defined and understood paradigm of self-stabilization (traditionally used in distributed systems) Thereby achieving: trustworthiness, dependability, self-healing, automatic recovery, adaptive systems, …

4 4 Self-stabilization Elegant fault tolerant approach –Started at any state, the system convergences to a desired behavior Generally used in distributed systems –Routing, clock synchronization, leader election, etc. Overcome transient faults in the system. –Transient faults: soft-errors (“98% of RAM errors are soft errors”), wrong CRC during communication etc.

5 5 Self-stabilization The combination and type of faults cannot be totally anticipated in on-going systems Any on-going system must be self stabilizing (or manually monitored) “Self-Stabilization in Spite of Distributed Control” [Dijkstra ’74] Self-Stabilization [Dolev ’00] E L

6 6 OS Reliability Past examples: –Dijkstra, “THE” Multiprogramming System ’68 (Layered Approach) –Denning, Fault tolerant operating systems ’76 (Protection) –KeyKOS ‘85, EROS ’92 (Capabilities, Checkpoints) –Micro-kernel ~‘90, Exo-kernel ’94 (Minimal TCB) Current –JHU: The Coyotos Secure Operating System –IBM: K42, Autonomic Computing –SUN: Solaris 10, Predictive Self-Healing –MSR: Singularity, managed code OS

7 7 Goal: Autonomic Computer Following any sequence of transient faults (e.g. soft- errors), the (operating) system converges Using self stabilization: –A system can be started in an arbitrary state and converge to a desired behavior –Using fair composition to run hardware+OS BGU: Self-stabilizing systems, tools & paradigms –Microprocessor [DH’04] –Operating System [DY’04] –Compiler [DH’05] –Framework: autonomic recoverer [BDK’03] –Middleware: File System [DK’02], Group Comm. [DS’01]

8 8 SOS - Directions Black-box –Take existing (Desktop/Real-time) OS –Add stabilization layer –Detailed formal specification needed Carefully tailoring a tiny kernel –Processor scheduling [SAACS04] –Memory management [SSS05] –Device drivers

9 9 Method Additional requirements for each OS function Evolve self-stabilizing solutions that follow computer-architecture/OS progress Detailed proof for self-stabilization of algorithms AND implementation Processor (e.g. Pentium) instruction manual defines a transition function –Don’t rely on existing compilers

10 10 Assumptions Whole soft-state can be corrupted (e.g. Program Counter) Stabilization of other layers

11 11 Solution Foundations Program loading & process scheduling Code portions in ROM Truly non-maskable interrupt and watchdog architecture Periodic reset reinstall & execute (weak) continuous monitoring and consistency enforcement

12 12 Example: Memory Management- Requirements Consistency of memory hierarchy Self-stabilization preservation App1 App2 AppN OS HW

13 13 Allocate whole available memory to the running application Consistency: kept all the time Stabil. Preserving: no mutual sharing Solution 1: Full Swapping App1OS App1 RAM Disk App2App3 App … App2

14 14 Solution 2: Fixed Partitioning Fixed slots in main memory for several programs c5d5d2c2 c1c2c3c4c5 d1d2d3d4d5 CD-ROM Disk OS c3 d3 RAM

15 15 Consistency: through continuous checks and consistency establishment of OS data structures Stabil. Preserving: via segmentation + code refreshing Solution 2: Fixed Partitioning #FR P124 P23... #P F1 F21 … Process Table Frame Table

16 16 Solution 3: Dynamic allocations We want to allow applications to dynamically allocate memory How can we avoid a process that (faultily) allocates the whole available memory? What happens if a process “forgets” about its ownership? Leasing

17 17 Solution 3: Dynamic allocations #FR P1 P2... #P F1 F2 … Process Table L Frame Table Request Queue P2 3 3 1 1 2 2 2 1 1 0 0 2 1 9 0 Consistency: dynamic memory is temporarily leased & garbage collected, verification of PCB & queue Stabil. Preserving: access through special segment selector

18 18 Implementation Pentium in real-mode, single address space –Simple –common for sensors/microcontrollers –Protected mode & VM mechanisms can be handled accordingly Code size: ~ 1-2K –TinyOS ~1K –VxWorks ~10 2 K –Linux kernel ~4M Fault injection with the Bochs simulator

19 19 Implementation 1 ) MM_FindFrame: ;(PT, FT, i) ; al contains current frame suggestion ; nf <- (frmae[PT[i]] + 1) modulo M 2 ) andbyte [bx+FRAME_COL], FRAME_MASK 3 ) incal 4 ) andal, FRAME_MASK ;Check all slots for an empty one. ;while nf != frame[PT[i]] and FT[nf] != nil 5 ) while1: 6 ) cmpal, [bx+FRAME_COL] 7 ) jzendwhile1 8 ) leasi, [frames] 9 ) addsi, ax 10) movdl, [si] 11) cmpdl, NULL_PROCESS 12) jz endwhile1 ; do nf <- (nf + 1) modulo M 13) incal 14) andal, FRAME_MASK 15) jmpwhile1 16) endwhile1: ; return found frame number in register 'al' 17) ret

20 20

21 21 Future Work I/O device drivers –Major cause of operating systems failures –Co-operation of more than one microprocessor –Detailed driver / General monitoring layer Gather the different parts Micro-kernel / VMM

22 22 Conclusion The work shows theoretical and practical ways to achieve the goal of a self-stabilizing OS The (system) research community & industry can benefit from the foundation of self-stabilization http://www.cs.bgu.ac.il/~yagel/sos

23 23 Space Vehicle Failure …The Spirit rover has a radiation-hardened R6000 CPU from Lockheed-Martin Federal Systems…The operating system is Wind River Systems' Vx-Works.. …attempted to allocate more files than the RAM-based directory structure could accommodate. That caused an exception, which caused the task that had attempted the allocation to be suspended… …Spirit fell silent, alone on the emptiness of Mars… http://www.eetimes.com/story/ OEG20040220S0046 …the rover was in fact listening and rebooting, the team commanded Spirit to reboot without mounting the flash file system …But just in case, the team is working on an exception-handler routine that will more gracefully recover from an allocation failure

Download ppt "Self-Stabilizing Operating Systems Shlomi Dolev and Reuven Yagel Computer Science Department Ben-Gurion University of the Negev, Beer-Sheva, Israel SOSP’05."

Similar presentations

Processes and Threads Chapter 3 and 4 Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee Community College,

Processes and Threads Chapter 3 and 4 Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee Community College,
Threads, SMP, and Microkernels

Threads, SMP, and Microkernels
1 Realizing Self-Stabilizing Algorithms Shlomi Dolev, Yinnon A. Haviv, Department of Computer Science Ben-Gurion University, Israel Mooly Sagiv, Department.

1 Realizing Self-Stabilizing Algorithms Shlomi Dolev, Yinnon A. Haviv, Department of Computer Science Ben-Gurion University, Israel Mooly Sagiv, Department.
Self-Stabilizing Systems as a Base for Autonomic Computing Shlomi Dolev Yinnon Haviv, Reuven Yagel, Olga Brukman.

Self-Stabilizing Systems as a Base for Autonomic Computing Shlomi Dolev Yinnon Haviv, Reuven Yagel, Olga Brukman.
Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-

Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-
Computer Systems/Operating Systems - Class 8

Computer Systems/Operating Systems - Class 8
CMPT 300: Final Review Chapters 8 – 12. 2 Memory Management: Ch. 8, 9 Address spaces Logical (virtual): generated by the CPU Physical: seen by the memory.

CMPT 300: Final Review Chapters 8 – Memory Management: Ch. 8, 9 Address spaces Logical (virtual): generated by the CPU Physical: seen by the memory.
Operating Systems High Level View Chapter 1,2. Who is the User? End Users Application Programmers System Programmers Administrators.

Operating Systems High Level View Chapter 1,2. Who is the User? End Users Application Programmers System Programmers Administrators.
Self Stabilizing Distributed File System Department of Computer Science, Ben-Gurion University A BGU – IBM joint project.

Self Stabilizing Distributed File System Department of Computer Science, Ben-Gurion University A BGU – IBM joint project.
Dr Mohamed Menacer College of Computer Science and Engineering Taibah University CS-334: Computer.

Dr Mohamed Menacer College of Computer Science and Engineering Taibah University CS-334: Computer.
Self-Stabilized Operating System Shlomi Dolev, BGU Reuven Yagel, BGU-Rafael.

Self-Stabilized Operating System Shlomi Dolev, BGU Reuven Yagel, BGU-Rafael.
Self-Stabilization as a Foundation for Autonomic Computing Olga Brukman, Shlomi Dolev, Yinnon A. Haviv, Reuven Yagel. Ben-Gurion University of the Negev,

Self-Stabilization as a Foundation for Autonomic Computing Olga Brukman, Shlomi Dolev, Yinnon A. Haviv, Reuven Yagel. Ben-Gurion University of the Negev,
Memory Design Example. Selecting Memory Chip Selecting SRAM Memory Chip.

Memory Design Example. Selecting Memory Chip Selecting SRAM Memory Chip.
Operating System Support Focus on Architecture

Operating System Support Focus on Architecture
OS Fall ’ 02 Introduction Operating Systems Fall 2002.

OS Fall ’ 02 Introduction Operating Systems Fall 2002.
Memory Management 2010.

Memory Management 2010.
Toward a Self-Stabilized Operating System Shlomi Dolev, BGU Reuven Yagel, BGU-Rafael.

Toward a Self-Stabilized Operating System Shlomi Dolev, BGU Reuven Yagel, BGU-Rafael.
CMPT 300: Final Review Chapters 8 – 14. 2 Memory Management: Ch. 8, 9 Address spaces Logical (virtual): generated by the CPU Physical: seen by the memory.

CMPT 300: Final Review Chapters 8 – Memory Management: Ch. 8, 9 Address spaces Logical (virtual): generated by the CPU Physical: seen by the memory.
Chapter 8 Operating System Support

Chapter 8 Operating System Support
Self-Stabilization An Introduction Aly Farahat Ph.D. Student Automatic Software Design Lab Computer Science Department Michigan Technological University.

Self-Stabilization An Introduction Aly Farahat Ph.D. Student Automatic Software Design Lab Computer Science Department Michigan Technological University.

Similar presentations

Ads by Google