The traditional image of operating systems is changing because processors are now integrated in a variety of objects and environments: mobile phones, smart cards, sensors, etc. These environments impose specific requirements and constraints: security, availability, fine-grain control of the usage of resources, flexibility, and adaptability. Another change is brought about by the development of closely coupled processor networks and clusters. In the following sections, we have singled out a few emerging topics of operating systems research.
6.1 New Architectures and Paradigms
The requirements of adaptability and flexibility have contributed to a move towards a “deconstruction” of the traditional operating system. This trend started in the 1980s with the emergence of micro-kernel architectures such as Mach and Chorus. However, microkernels did not bring all the expected benefits: there were found too rigid (not leaving enough flexibility to resource allocation policies) and suffered from performance problems. Starting in the mid 1990s, a new current of research has attempted a finer grain decomposition of the operating systems kernels. Projects such as Exokernel/Aegis, Spin, OS-Kit, Vino, and others have introduced the idea of a highly flexible, “componentised” operating system, which could even be dynamically composed to respond to changes in its environment. The main challenge is to preserve the security and integrity of the systems in the face of dynamic change.
Think (acronym of “Think Is Not A Kernel”) [Senart et al 2002][Charra and Senart 2002] is a software framework (under development in the Sardes Project) inspired by the exokernel model. However, Think goes one step further than the original exokernel: its interface does not provide any abstraction at all, but essentially reifies the underlying hardware interface; and it provides a lightweight software framework for developing the basic functions of an operating system (naming, binding and communication). Think is intended to be used for embedded systems, in which flexibility and a small footprint are strong requirements. Starting from the original Think system [Fassino et al 2002], a lightweight component structure has been developed to provide the system with capabilities for dynamic composition and reconfiguration. Experimental embedded applications have been developed with Think in the area of mobile robots and active networks. The main work on Think has been done in collaboration between the Sardes project and France Telecom Research and Development.
Resource Management
Resource management is an important function of an operating system. In traditional OS, the resource management policy is entirely controlled by the system. However, the flexibility and adaptability requirements imposed by the new applications and environments have led to more interaction between the users and the system itself. The system may provide “hooks” through which information on resource usage and requirements may flow, both ways, between the users and the kernel. An early example is “scheduler activations”, a mechanism through which part of the task of thread scheduling may be delegated to the application, while not compromising the system safety. Other examples are related to memory resources and, more recently, to energy management.
Storage and File Systems
The challenge of file system design is to take the best advantage of the underlying storage hardware in order to maximize performance, while ensuring availability and data security. Examples of progress are log-structured file systems, which improve performance through more efficient writes, and distributed file systems, which exploit the overall capacity of networked storage. Recent architectures tend to explore this latter path further, e.g., by efficiently using the aggregated storage capacity of a local area network or a cluster. This may be combined with the use of caching. There is a trend toward considering the file system as an autonomous subsystem, with decentralized “intelligence”, and architectural advances, such as network-attached devices, go in the same direction.
The Sardes project is now investigating a form of distributed storage for clusters [Hansen 2001a][Hansen and Jul 2001][Hansen 2001b][Hansen and Lachaize 2002], with the following goals: optimizing the global sharing of devices within a cluster (possibly using remote DMA facilities); and exploring the use of component-based architecture for I/O systems. It is expected that the extensibility and scalability of I/O in clusters, and the usage ratio of the resources will be improved. A modular I/O infrastructure called Proboscis has been developed to allow global I/O management within a cluster: a node may access to I/O devices located on another node. The current version may be used on both Ethernet and SCI networks. Measurements show that remote access does not entail significant performance loss, and that distributing storage management over a cluster is a workable solution. Under extreme load conditions, the slowdown of a node is limited to 10 to 20% (in execution time) for SCI networks and 50% for Ethernet networks.
It is important to realise that the volume of data to be accessed is dramatically growing and in the future there will be a need to store and to deal with data in various effective ways, allowing, for example, for fast searches, etc, by using indexing and other ways of data structuring.
Security and Trust
Security has always been an important issue in operating systems. The importance of security is increasing with the advent of more open and dynamically changing systems. Active tracks of research are concerned with the security of “imported” code, for which formal methods (“proof carrying code”) are being explored. Other projects investigate various forms of trusted kernels, with different levels of trust being attached to the layers of the system.
Within the Sardes project a protection framework has been recently incorporated in the Think system [Rippert and Stefani 2002a][Rippert and Stefani 2002b]. The work was done on four types of resources: processor, RAM, disk storage, and network connections. The framework is able to protect against the following attacks: service denial by packet flooding or by attack on the disk channel; memory corruption, direct or by insertion of malicious code.
Operating Systems for Constrained Environments
Following the trend towards pervasive and ubiquitous computing, specialised systems are being developed, for which customized operating systems need to be designed. Two examples are operating systems for mobile robots, and operating systems for sensor networks. In both cases, the system must take into account strong environmental constraints such as energy consumption, memory footprint, communication bandwidth, etc., so that sensor networks and their operating systems are now a fast developing area of research (e.g., projects such as TinyOS).
Cluster Operating Systems
Clusters of closely coupled computers have emerged as a low-cost alternative to high-performance computers, for a variety of applications. Initially limited to high-performance scientific computing, the application domain of clusters now includes information management, e.g., web servers. The challenge of a cluster operating system is to exploit as efficiently as possible the aggregated resources of the cluster. The function of observation and administration (e.g., reconfiguring the cluster in case of partial failure) is also more developed than in a single-machine OS.
The Sardes project has investigated the use of clusters for data management [Cecchet et al 2002][Cecchet and Marguerite 2003], specifically, the focus is on improving the performance of the J2EE server architecture through the use of clusters. There are two main tracks of work: configurable load balancing mechanism for Enterprise Java Beans (EJB); and replicating databases for availability and performance. The latter track has led to the development of C-JDBC, a software framework that allows any application using the standard JDBC interface to transparently access a database replicated on a possibly heterogeneous cluster.
Virtual Machine Monitors
One key future direction is, as often the case in systems research, a reincarnation of a hot-topic of the past: virtual machine monitors (VMM). Research projects in the United States (e.g. Denali at the University of Washington) and within Europe (e.g. the XenoServers project at the University of Cambridge) are reapplying VMM techniques to modern architectures with a view to supporting micro-services: components of Internet-scale applications requiring only a small fraction of the resources of a server. As part of the XenoServers project a hypervisor XenoMon has been developed which securely multiplexes the resources of a machine between a number of overlaying guest operating systems. Performing the resource division task at such a low level allows the support of multiple OS types on a single machine.
6.2 Future Trends
This is, in summary, the set of future trends and challenges which OS researchers and developers will be facing:
-
Developing flexible componentized OSs
-
Preserving security and integrity of the systems in the face of dynamic changes
-
Efficient using the aggregated storage capacity of a local area and a cluster
-
Developing OSs for constrained environments
-
Exploiting as efficiently as possible the aggregated resources of a cluster
-
Introducing advanced features supporting flexibility, openness and mobility into Virtual Machine Monitors.
Other intriguing avenues for future operating systems research include building tiny embedded systems for sensor network (or other extreme network systems), and support for “ad hoc supercomputing” in the Grid.
Dostları ilə paylaş: |