An operating system is an interface between user applications and the computer by using system programs and hardware controllers. The purpose of an operating system is managing resources, scheduling processes, handling fault conditions, and journaling system activity. Each operating system consists of several components to manage a computer. Learning each component and how they interact provides an understanding on how an operating system works. Unix is a popular operating system that has been around since the early 1970s, developed by Bell Labs and the University of California, Berkeley. The components discussed include processes, scheduling and deadlocks, memory management, input/output devices, file management, security, and data protection and how they relate in a Unix environment.
Processes and threads
When a program executes, the operating system creates a process, which is an instance of the program running in memory. Resource Ownership and scheduling/execution are two characteristics of a process (Stallings, 2009, p. 161). Operating systems allocate resource ownership to processes for duration of time. The scheduler is responsible for managing the execution state of a process as well as dispatch priority through a queue. Each process follows the path of one or more programs called a trace and interleave in turn among other processes using one or more threads.
The operating system uses the thread as a dispatch priority to direct the path of a process. Processes can spawn multiple threads that behave like the process and executes on concurrent paths called multithreading. Both the process and its threads access and share the same resources and state. A thread will maintain one of the following states: spawn, blocked, unblock, and finished.
HP-UX Unix is a time-sharing system that supports multiprocessing and multithreading environments allowing users to share system resources simultaneously. Each thread can run independently and create multiple threads that run in parallel on multiple processors (HP-UX MultiProcessing, 1997, p. 7). The Unix process is a task created by a fork system call from the kernel (Rosen, 2007). The fork creates a new process called the child, which is formed by a parent process issuing the fork call. The child issues a wait signal to the parent process and once a child is complete, the parent process continues.
The two synchronization mechanisms used by Unix are spinlocks and semaphores. A spinlock protects data from a thread or an interrupt and is owned by one processor (HP-UX MultiProcessing, 1997, p. 19). Spinlocks are short-term locks that cause another processor to spin and wait for it to release from the other processor. Semaphores are owned by threads through mutual-exclusion. Other threads waiting on a semaphore are blocked until it is released.
Memory Management
Memory management is the component of an operating system that supports multiprogramming and subdivides memory space to efficiently manage processes to minimize idle time. Modern operating systems use virtual memory as an extension of main memory by storing additional memory to a swap file on disk. Virtual memory permits the size of a user process to exceed the size main memory. The operating system uses a page table to store a process in virtual memory by dividing it into smaller fixed-size units. The hardware issues a page fault at which time a routine retrieves the next portion of a page from disk for the process (Stallings, 2009, p. 352). The page table is updated with the process’s state and the next set of instructions continues process execution.
HP-UX executes processes and threads using virtual memory through demand paging (HP-UX Memory Management, 1997). The kernel creates a virtual address space for each process with portions of the process’s address space mapped to main memory. This allows retrieving the process and thread into main memory only when requested and at which time the portions of an address space not recently used are swapped to secondary memory. To improve performance, Unix implements preemptive swapping of the changed content of a page whenever the disk has idle time (Noble, 2007). When a page fault occurs, the kernel retrieves the next page from disk and loads it in main memory.
Scheduling
With both uni-processors and multi-processors, scheduling is the component that manages processes to ensure system resources become available to allow each process an equal opportunity to efficiently complete its job. The operating system uses a scheduler and resource management to control memory, I/O devices, programs, and data (Stallings, 2009, p. 53).
There are three functions uni-processors use for process scheduling. The first is a long-term scheduler to move new processes into a queue. A second function is medium-term scheduler to determine if memory space is available for process swapping. The third function is a short-term scheduler that dispatches a process to the memory address determined by the medium-term scheduler. There are four scheduling policies used by the short-term scheduler and a selection function based on priority level to select the next process. System-oriented and user-oriented are two criteria used by the policies to allocate processor time for each process (Stallings, 2009, p. 410). For user-oriented processes, the scheduler is concerned with turnaround time, response time, deadlines, and predictability. System-oriented processes are concerned with throughput, processor utilization, fairness, and enforcing priorities and balancing.
Multiprocessing characteristics are a degree of granularity or frequency of synchronization between processes (Stallings, 2009, p. 453). Five categories exist in respect to granularity: independent parallelism, very course, course, medium, and fine. The issues multiprocessors have are assigning a process to a processor, managing multiprogramming on each processor, and dispatching processes. A process may use a single processor by static assignment or dynamically among processors. The scheduler may use multiple queues based on priority of the process. Four approaches of assigning processes and threads are global queue, gang, dedicated, and dynamic.
With Unix systems, processes are scheduled and controlled by the kernel (Rosen, 2007). The scheduler is a system daemon running in the background. Each process is assigned in sequential order to a resource for a slice of time and when time has expired, the process is placed in a priority queue. User processes requiring large amounts of time are given a lower priority than shorter processes (Rosen, 2007). The priority is a preemptive Round Robin static scheduler using Real-time, Kernel, and Time-share priority classes. Real-time has the highest priority levels between 159-100, the kernel is the next highest levels of 99-60, and Time-share having the least priority levels 59-0 (Stallings, 2009, p. 485). Using priority levels optimizes response time allowing new programs the ability to execute by preventing larger processes from stealing all processor time.
Deadlocks
Deadlocks are sets of processes that become permanently blocked while waiting on the same resource. Three conditions create a potential for a deadlock and a fourth condition triggers a deadlock occurrence. Mutual exclusion allows only one process to a resource. Hold and wait is a process holding one resource while requesting another. No preemption does not allow a process to be forced from a resource, and circular wait is the consequence of the previous three conditions (Stallings, 2009, p. 271). To circumvent deadlock conditions, operating systems use prevention, avoidance, and detection. Prevention constrains processes from resources when requested. Avoidance allows the three conditions to occur but denies a request that may cause a deadlock. Applications and operating systems use detection through a circular wait condition. Both prevention and detection are normally written in programs to handle deadlocks.
Unix uses concurrency mechanisms through locking strategies with spinlocks and semaphores. Spinlocks provide mutual exclusion to prevent errors if multiple threads operate on the data at the same time (HP-UX MultiProcessing, 1997, p. 18). Data accessed between processors is synchronized by a spinlock. If a processor attempts to obtain a spinlock held by another processor, the spinlock triggers a busy wait condition until the lock is released.
Semaphores manage system resources required by multiple processes. A semaphore is a value created by the operating system and used by processes to determine if a resource is in use. If a resource is free, the process claims the resource and sets the semaphore to a busy value. A signal notifies processes when events occur including process state (Rosen, 2007). Processes may communicate with each other or with the kernel using signals and take action based on a value.
File Management
A file system is an organized collection of files and directories stored on a partition or disk volume. Each drive can have multiple partitions containing separate file systems providing software and storage to both users and applications (Stallings, 2009, p. 554). Files system management is performed by system utilities and services and is the mechanism that provides access control to the files and directories. Many file systems today use a tree-like structure beginning with a master directory called root. Additional directories may exist below root called subdirectories, which may also contain subdirectories. Each file system must have a method to manage and allocate free space on a disk. Three file allocation methods are contiguous, chained, and indexed (Stallings, 2009, p. 572). Access control provides security by setting permission attributes on files and directories or by using access control lists.
Unix is a hierarchical structure file system with the top-level directory beginning at root denoted by a / (slash). All remaining files and directories reside below root identified by a unique name and contain an identifier called an inode. Every device connected to a Unix system is considered a file and is given a name similar to other files or directories. Six file types in a Unix environment are regular, directory, special, named pipes, links, and symbolic links (Stallings, 2009, p. 580-581). File allocation is dynamic based on file blocks and using the inode as an index pointer. In order to use a Unix file system, it must be mounted manually or during a system boot.
Input and Output devices
As with processes and threads, I/O devices must have an access method for system processes and application programs. Three categories used to engage I/O devices are human, machine, and communication. Human interaction is typically with printers, keyboards, mice, and other peripherals. Machine devices are USB, disk drives, sensors such as Bluetooth, and controllers (Stallings, 2009, p. 496). Communication devices are devices such as modems.
I/O functions consist of programmed I/O, interrupt I/O, and direct memory access (DMA). Programmed I/O is an I/O function used by a processor on behalf of a process. Interrupt function may be a blocking or unblocking function depending on if the process is waiting on an instruction. DMA exchanges data between main memory and an I/O control module. I/O buffering improves efficiency and reduces overhead of input and output operations.
Disk scheduling is an operation to manage disk access for read and write functions. Scheduling is performed by policies similar to other scheduling policies. These are FIFO; last in first out, shortest service time first, SCAN, circular SCAN, N-step-SCAN, FSCAN (Stallings, 2009, p. 514).
In Unix, devices are special file types and gaining access is similar to accessing other file types. Because everything is a file, the file system manages both file and the I/O interface. Unix uses buffered and unbuffered I/O functions (Stallings, 2009, p. 527). Buffered I/O uses system buffer cache and character queues. The buffer cache is stored on disk and the processor uses DMA to transfer the data. Character-oriented devices such as printers, plotters, and terminals use character cache. DMA is an unbuffered I/O that prevents system overhead and improves performance.
Security issues
With current technology, networks have grown globally into what we know as the internet. The internet contains millions of connections, which creates millions of vulnerabilities and threats to information and systems. Computer security is the protection of information systems to preserve confidentiality, integrity, and availability referred to as the CIA triad (Element K, 2008, p. 4). An organization is threatened when one of these elements are compromised.
To be able to eliminate or prevent threats, one must understand what the threats are and how to identify them. Social engineering, software, hardware, and network attacks are the types of threats against automation systems. Social engineering is an attack using deception to convince someone into providing information. An attacker may use this threat through theft, shoulder surfing, dumpster diving, spoofing, and phishing. The best method to prevent social engineering threats are through user awareness training and physical security.
Malicious code or malware attacks are viruses, worms, logic bombs, spyware, adware, rootkits, and botnets. Malware attacks can be prevented by installing antivirus software, software patches, updates, and maintaining audit logs. Network-based attacks are port scanning, protocol sniffing, IP spoofing, denial of service. Hardware attacks target any type of hardware on the network to include workstations, servers, and printers. To prevent both network and hardware attacks, use routine patch management practices on servers, workstations, and network devices, audit logging, antivirus software, intrusion detection software, and vulnerability scanners. Implementing policy based management techniques enforces security policies for users and groups (Element K, 2008, p. 123).
Unix systems are designed with security in mind to prevent unauthorized access. Over the years, Hewlett-Packard has identified and developed patches and updates to correct many vulnerabilities. To access the system a user must have an account and password. Users are assigned to a group and permissions on files and directories are given by setting both a user ID and group ID for read, write, and execute. Access Control Lists (ACL) are also used to grant permissions to sets of users. In this case, each file has its own ACL with a list of access control entries for user, group, and permission (Rosen, 2007). Files can be protected using the combination of compression and encryption with the built-in system utilities. For added restrictions, Unix has a restricted shell that allows limited user access to specific programs when they log in. Restricted shells prevent the user from moving out of their home directory or changing their profile path. HP-UX has a host intrusion detection system that monitors for exploitations providing near real-time detection and alert (HP-UX Security, 2010).
Data protection
Data protection is an important component that achieves high availability and fault tolerance by providing storage redundancy. High availability is a rate that measures the ability of a system to provide data 100% of the time without degradation to performance (Element K, 2008, p. 454). Fault tolerance is the ability to continue providing service in the event of a component failure. Data backup is a fundamental practice used to protect information stored on and off site. Data redundancy measures prevent failure during operations, two of which are RAID and Cluster.
RAID is a redundant array of independent disks that provide fault tolerance using a collection of disks. A RAID configuration appears as a single logical drive to an operating system (Dean. T, 2010, p. 704). An advantage for using RAID is that data will not be lost due to a single disk failure. The remaining disks continue functioning without the failed disk. RAID also provides mass storage and improves I/O performance. There are several levels of RAID and the most common are level 0 through level 5. Level 0 is disk striping, level 1 mirrors two disks, level 2 strips with error correction, level 3 is striping with parity on each disk, level 4 is striping blocks with parity, and level 5 is striping with parity information spread among drives (Element K, 2008, p. 463).
A cluster technique links several servers together that appear as one computer providing fault tolerance and high availability (Dean. T, 2010, p. 703). In the event one server fails, all remaining servers continue operation and assume the responsibilities of the failed server. Three additional benefits of clustering are absolute scalability, incremental scalability, performance, and cost (Stallings, 2009, p. 728). Large clusters may be implemented on initial installation or expand with business growth. Clusters do not require high-end servers or that they be located together, but can be in separate geographic locations. Two cluster configurations are standby and shared. Standby servers do not share disks whereas shared servers use a RAID storage system.
Unix supports both RAID and clustering to provide high availability, fault tolerance, and improve performance. HP uses either logical volume manager (LVM) or VERITAS volume manager to manage its RAID system creating a virtual file system. Clustering is implemented on an HP system by creating a cluster file system (HP-UX Clusters).
Conclusion
Although this is not a comprehensive description of an operating system, it contains the major components for one. Processes and threads are created from the execution of a program or operating system function. Each process and thread is loaded in a queue by a scheduler that manages the timing to ensure resources are available and prevent starvation and deadlocks. The operating system handles deadlocks by using prevention, avoidance, or detection policies. For a process to run, it requires memory space using the operating systems memory manager. Each operating system uses an organized method to manage its file system. File management is the component that maintains the structure and attributes of every file and directory on a storage device. Input and output management is the component that manages resource access for running processes. Security measures protect resources from malware and other threats and data protection ensures information is available for the user and provides rapid recovery mechanisms.
