Fault isolation for device drivers

This work explores the principles and practice of isolating low-level device drivers in order to improve OS dependability. In particular, we explore the operations drivers can perform and how fault propagation in the event a bug is triggered can be prevented. We have prototyped our ideas in an open-...

Full description

Saved in:
Bibliographic Details
Main Authors: Herder, J.N., Bos, H., Gras, B., Homburg, P., Tanenbaum, A.S.
Format: Conference Proceeding
Language:English
Subjects:
Bugs
Computer crashes
Computer science
Dependability
Device Drivers
Fault Isolation
Kernel
Lab-on-a-chip
Linux
Open source software
Operating systems
Software prototyping
Software testing
SWIFI Testing
Vehicle crash testing
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This work explores the principles and practice of isolating low-level device drivers in order to improve OS dependability. In particular, we explore the operations drivers can perform and how fault propagation in the event a bug is triggered can be prevented. We have prototyped our ideas in an open-source multiserver OS (MINIX 3) that isolates drivers by strictly enforcing least authority and iteratively refined our isolation techniques using a pragmatic approach based on extensive software-implemented fault-injection (SWIFI) testing. In the end, out of 3,400,000 common faults injected randomly into 4 different Ethernet drivers using both programmed I/O and DMA, no fault was able to break our protection mechanisms and crash the OS. In total, we experienced only one hang, but this appears to be caused by buggy hardware.
ISSN:1530-0889
2158-3927
DOI:10.1109/DSN.2009.5270357