Chapter 2:

Services and
Components of
Operating-System
Structures

(10 marks)
 Operating System Services
1. One set of operating-system services provides functions that are helpful to
the user:
a. User interface - Almost all operating systems have a user interface
(UI)
● Varies between Command-Line (CLI), Graphics User Interface
(GUI), Batch
a. Program execution - The system must be able to load a program into
memory and to run that program, end execution, either normally or
abnormally (indicating error)
b. I/O operations - A running program may require I/O, which may
involve a file or an I/O device.
c. File-system manipulation - The file system is of particular interest.
Obviously, programs need to read and write files and directories, create
and delete them, search them, list file Information, permission
management.
d. Communications – Processes may exchange information, on the same
computer or between computers over a network
4 Communications may be via shared memory or through message
passing (packets moved by the OS)
Operating System 2.2 Silberschatz, Galvin and Gagne
 (Cont.)
● Error detection – OS needs to be constantly aware of possible errors
○ May occur in the CPU and memory hardware, in I/O devices, in user
program
○ For each type of error, OS should take the appropriate action to ensure
correct and consistent computing
○ Debugging facilities can greatly enhance the user’s and programmer’s
abilities to efficiently use the system
● Another set of OS functions exists for ensuring the efficient operation of
the system itself via resource sharing
○ Resource allocation - When multiple users or multiple jobs running
concurrently, resources must be allocated to each of them
■ Many types of resources - Some (such as CPU
cycles,mainmemory, and file storage) may have special allocation
code, others (such as I/O devices) may have general request and
release code.
○ Accounting - To keep track of which users use how much and what
kinds of computer resources

Operating System 2.3 Silberschatz, Galvin and Gagne

 ● Protection and security - The owners of information stored in a multiuser or
networked computer system may want to control use of that information,
concurrent processes should not interfere with each other
● Protection involves ensuring that all access to system resources is
controlled
● Security of the system from outsiders requires user authentication,
extends to defending external I/O devices from invalid access
attempts
● If a system is to be protected and secure, precautions must be
instituted throughout it. A chain is only as strong as its weakest link.

Operating System 2.4 Silberschatz, Galvin and Gagne

 System Calls
● Programming interface to the services provided by the OS
● Typically written in a high-level language (C or C++)
● Mostly accessed by programs via a high-level Application Program Interface
(API) rather than direct system call use
● Three most common APIs are
● Win32 API for Windows,
● POSIX API for POSIX-based systems (including virtually all versions of
UNIX, Linux, and Mac OS X)
● Java API for the Java virtual machine (JVM)
● Types of System calls
● Process control
● File management
● Device management
● Information maintenance
● Communications
● Why use APIs rather than system calls?
● System calls are detailed and more difficult to work with
● Using APIs can allow programs to compile and run on other system
Operating System
(Note that the system-call
2.5
names used throughout this text are
Silberschatz, Galvin and Gagne
 ● Process control
● end, abort
● load, execute
● create process, terminate process
● get process attributes, set process attributes
● wait for time
● wait event, signal event
● allocate and free memory
● File management
● create file, delete file
● open, close
● read, write, reposition
● get file attributes, set file attributes
● Device management
● request device, release device
● read, write, reposition
● get device attributes, set device attributes
Operating System 2.6 Silberschatz, Galvin and Gagne
 ● Information maintenance
● get time or date, set time or date
● get system data, set system data
● get process, file, or device attributes
● set process, file, or device attributes
● Communications
● create, delete communication connection
● send, receive messages
● transfer status information
● attach or detach remote devices

Operating System 2.7 Silberschatz, Galvin and Gagne

 Example of System Calls

● System call sequence to copy the contents of one file to

another file

Operating System 2.8 Silberschatz, Galvin and Gagne

 Operating System Design and
Implementation

● Design and Implementation of OS not “solvable”, but some

approaches have proven successful
● Internal structure of different Operating Systems can vary widely
● Start by defining goals and specifications
● Affected by choice of hardware, type of system
● User goals and System goals
● User goals – operating system should be convenient to use,
easy to learn, reliable, safe, and fast
● System goals – operating system should be easy to design,
implement, and maintain, as well as flexible, reliable, error-
free, and efficient

Operating System 2.9 Silberschatz, Galvin and Gagne

 Components of the Operating System:

● Process management
● Main memory management
● Files management
● I/O device management
● Secondary storage management
● Security management
● Network management
● Command Interpreter

Operating System 2. Silberschatz, Galvin and Gagne

 Process Management
● A process is a program in execution. It is a unit of work within
the system. Program is a passive entity, process is an active
entity.
● Process needs resources to accomplish its task
● CPU, memory, I/O, files
● Initialization data
● Process termination requires reclaim of any reusable
resources
● Single-threaded process has one program counter
specifying location of next instruction to execute
● Process executes instructions sequentially, one at a time,
until completion
● Multi-threaded process has one program counter per thread
● Typically system has many processes, some user, some
operating system running concurrently on one or more CPUs
● Concurrency by multiplexing the CPUs among the
processes / threads

Operating System 2. Silberschatz, Galvin and Gagne

 Process Management Activities
● Types:-operating-system processes (those that execute system code) and the rest
of which are user processes

activities in connection with process management:

● Creating and deleting both user and system processes
● Suspending and resuming processes
● Providing mechanisms for process synchronization
● Providing mechanisms for process communication
● Providing mechanisms for deadlock handling

Operating System 2. Silberschatz, Galvin and Gagne

 Main Memory Management
● Main memory is a large array of words or bytes
● Main memory is a repository of quickly accessible data shared by the CPU
and I/O devices
● To improve both the utilization of the CPU and the speed of the computer's
response to its users, general-purpose computers must keep several
programs in memory, creating a need for memory management
● All data in memory before and after processing
● All instructions in memory in order to execute
● Memory management determines what is in memory when
● Optimizing CPU utilization and computer response to users
● Memory management activities
● Keeping track of which parts of memory are currently being used and
by whom
● Deciding which processes (or parts thereof) and data to move into and
out of memory
● Allocating and deallocating memory space as needed
Operating System 2. Silberschatz, Galvin and Gagne
 Files Management
● A file is a collection of related information defined by its creator.
Commonly ,files represent programs and data
● OS provides uniform, logical view of information storage
● Abstracts physical properties to logical storage unit - file
● Each medium is controlled by device (i.e., disk drive, tape drive)
i. Varying properties include access speed, capacity, data-transfer rate,
access method (sequential or random)
● File-System management
● Files usually organized into directories
● Access control on most systems to determine who can access what
● OS activities include
1. Creating and deleting files and directories
2. Primitives to manipulate files and dirs
3. Mapping files onto secondary storage
4. Backup files onto stable (non-volatile) storage media

Operating System 2. Silberschatz, Galvin and Gagne

 I/O Subsystem Management

● One purpose of OS is to hide peculiarities of

hardware devices from the user
● I/O subsystem responsible for
● Memory management of I/O including buffering
(storing data temporarily while it is being
transferred), caching (storing parts of data in
faster storage for performance), spooling (the
overlapping of output of one job with input of
other jobs)
● General device-driver interface
● Drivers for specific hardware devices

Operating System 2. Silberschatz, Galvin and Gagne

 Secondary Storage Management

● Usually disks used to store data that does not fit in main memory
or data that must be kept for a “long” period of time.
● Proper management is of central importance
● Entire speed of computer operation hinges on disk subsystem and
its algorithms
● OS activities
● Free-space management
● Storage allocation
● Disk scheduling
● Some storage need not be fast
● Tertiary storage includes optical storage, magnetic tape
● Still must be managed
● Varies between WORM (write-once, read-many-times) and
RW (read-write)

Operating System 2. Silberschatz, Galvin and Gagne

 Protection and Security

● Protection – any mechanism for controlling access

of processes or users to resources defined by the OS
● Security – defense of the system against internal
and external attacks
● Huge range, including denial-of-service, worms,
viruses, identity theft, theft of service
● Systems generally first distinguish among users, to
determine who can do what
● User identities (user IDs, security IDs) include
name and associated number, one per user
● User ID then associated with all files, processes of
that user to determine access control
● Group identifier (group ID) allows set of users to
be defined and controls managed, then also
associated with each process, file
● Privilege escalation allows user to change to
effective ID with more rights
Operating System 2. Silberschatz, Galvin and Gagne
 Use of Operating system Tools

● User Management
● Security Policy
● Device management
● Performance Monitor
● Task scheduler

Operating System 2. Silberschatz, Galvin and Gagne

 User Management
● User management in operating systems involves controlling and administering
user access to system resources, such as files, directories, and applications.
● Effective user management ensures security, privacy, and efficient use of
resources.

1. User Accounts
● User Types:
○ Administrator/Superuser: Has full control over the system, including
installing software, managing user accounts, and configuring system
settings.
○ Standard User: Has limited access, typically restricted to using
applications and accessing personal files.
○ Guest User: Has minimal privileges, often used for temporary access
without the ability to modify system settings or install software.

Operating System 2. Silberschatz, Galvin and Gagne

 2. Authentication
● Password Management: Users must provide a password to authenticate
themselves. Strong password policies should be enforced to enhance
security.
● Multi-Factor Authentication (MFA): Adds an extra layer of security by
requiring more than one form of verification (e.g., password and a code sent
to a mobile device).
3. Authorization
● Permissions: Define what actions users can perform on files and
directories. Common permissions include read, write, and execute.
● Access Control Lists (ACLs): Provide a more granular permission system,
allowing specific permissions to be assigned to individual users or groups.
4. User Groups
● Groups: Users can be organized into groups, making it easier to manage
permissions for multiple users simultaneously. For example, a "developers"
group might have access to specific project directories.
5. Account Policies
● Password Policies: Enforce rules about password complexity, expiration,
and history.
● Account Lockout Policies: Define rules for locking user accounts after a
certain number of failed login attempts
Operating System 2.
to prevent unauthorized access.
Silberschatz, Galvin and Gagne
 6. User Profiles
● Profile Management: Each user can have a profile that includes personal
settings and preferences. Profiles can be local (stored on the user's machine) or
roaming (stored on a server).
7. User Management Tools
● Command-Line Tools:
○ Linux/Unix: Commands like adduser, usermod, passwd, and userdel.
○ Windows: Commands like net user, net localgroup
● Graphical User Interfaces (GUIs):
○ Linux: Tools like User Manager or Gnome System Tools.
○ Windows: Control Panel’s User Accounts applet
8. Monitoring and Auditing
● Logs: Systems maintain logs of user activities, which can be monitored and
audited to detect unauthorized actions or security breaches.
● User Activity Monitoring: Tools and practices to keep track of user actions in
real-time or through periodic reviews.
9. Networked Environments
● Domain Controllers: In enterprise environments, user accounts and policies
are often managed centrally using domain controllers (e.g., Active Directory in
Windows environments).
● Directory Services: LDAP (Lightweight Directory Access Protocol) is
commonly used to manage user information
Operating System 2.
in a centralized manner.
Silberschatz, Galvin and Gagne
 Security policies
● Security policies in an operating system are essential for safeguarding data,
maintaining system integrity, and ensuring the continuity of operations.
● These policies include a set of rules and configurations that govern access
controls, data protection, user authentication, and system monitoring.
1. Access Control
● User Authentication: Ensures that only authorized users can access the
system. This can include passwords, biometrics, and multi-factor
authentication (MFA).
● Permissions: Defines what actions users and applications can perform on
system resources such as files, directories, and devices. Permissions are
typically set using models like Discretionary Access Control (DAC),
Mandatory Access Control (MAC), and Role-Based Access Control (RBAC).
● Least Privilege: Users and applications are granted the minimum level of
access—or permissions—needed to perform their tasks, reducing the risk of
malicious activity.

Operating System 2. Silberschatz, Galvin and Gagne

 2. Data Protection
● Encryption: Protects data at rest and in transit by converting it into an
unreadable format for unauthorized users. eg:full disk encryption, file-level
encryption
● Data Integrity: Ensures that data is accurate and unaltered. Techniques include
hashing and digital signatures.
3. User and Account Management
● Password Policies: Enforce rules regarding password complexity, expiration,
and history to enhance security.
● Account Lockout Policies: Automatically lock user accounts after a certain
number of failed login attempts to prevent brute-force attacks.
● Account Auditing: Regularly review and audit user accounts to ensure they are
current and properly configured.
4. System and Network Security
● Firewall: A network security device that monitors and controls incoming and
outgoing network traffic based on predetermined security rules.
● Intrusion Detection and Prevention Systems (IDPS): Monitor network or
system activities for malicious activities and can respond to threats.
● Antivirus/Antimalware: Software designed to detect, prevent, and remove
malicious software. Silberschatz, Galvin and Gagne
Operating System 2.
 5. Patch Management
● Software Updates: Regularly applying patches and updates to operating
systems and applications to fix vulnerabilities and improve security.
● Automatic Updates: Configure systems to automatically download and apply
updates to ensure they remain secure without manual intervention.
6. Security Monitoring and Auditing
● Log Management: Collecting, monitoring, and analyzing system and
application logs to detect suspicious activities.
● Audit Trails: Keeping detailed records of system and user activities to
support forensic investigations and compliance requirements.
● Real-Time Monitoring: Using security information and event management
(SIEM) tools to provide real-time analysis of security alerts generated by
applications and network hardware.
7. Incident Response
● Incident Response Plan: A predefined set of procedures to detect, respond
to, and recover from security incidents. This includes identifying the incident,
containing it, eradicating the cause, recovering from the incident, and
conducting a post-incident review.
● Backup and Recovery: Regularly backing up critical data and systems and
having a recovery plan in place to restore operations after a security breach.
Operating System 2. Silberschatz, Galvin and Gagne
 Device management
● It involves the coordination and control of computer hardware
components and peripherals, ensuring they function correctly
and efficiently with the software and user commands..
Key Components of Device Management
1. Device Drivers
○ Definition: Software modules that allow the OS to communicate
with hardware devices.
○ Function: Translate high-level OS commands into device-specific
operations.
○ Examples: Printer drivers, display drivers, network card drivers.
2. Device Controllers
○ Definition: Hardware interfaces that connect devices to the
computer system and manage their operation.
○ Function: Send and receive signals between the CPU and the
device.Examples: Disk controllers, USB controllers, network
interface controllers.

Operating System 2. Silberschatz, Galvin and Gagne

 3.Input/Output (I/O) Management
I/O Scheduling: Manages the order in which I/O operations are executed to
optimize performance and resource use.
Buffering: Temporarily stores data to accommodate differences in data
processing speeds between devices.
Caching: Stores frequently accessed data in a faster storage medium to reduce
access time.
4.Resource Allocation
Resource Sharing: Ensures multiple processes can access devices without
conflicts.
Access Control: Enforces policies that restrict device access based on user
permissions and system rules.

Operating System 2. Silberschatz, Galvin and Gagne

 Performance monitoring
● It involves tracking and analyzing the performance of system components to
ensure optimal operation, identify bottlenecks, and preempt potential issues.
● Effective performance monitoring helps maintain system stability, improve
efficiency, and enhance user experience.
1.CPU Usage
● Monitoring: Tracks how much of the CPU's capacity is being used by various
processes.
● Tools: Task Manager (Windows), top/htop (Linux), Activity Monitor (macOS).
● Metrics: CPU load, usage percentage, process-specific CPU consumption.
2.Memory Usage
● Monitoring: Observes how system RAM is allocated and used by different
applications.
● Tools: Task Manager (Windows), free and vmstat (Linux), Activity Monitor
(macOS).
● Metrics: Available memory, used memory, cache, swap usage.
3.Disk I/O
● Monitoring: Measures the read/write operations to storage devices.
● Tools: Resource Monitor (Windows), iostat (Linux), Disk Utility (macOS).
● Metrics: Disk read/write speeds, queue length, I/O wait time.
Operating System 2. Silberschatz, Galvin and Gagne
 4.Network Usage
● Monitoring: Tracks data transmission over network interfaces.
● Tools: Resource Monitor (Windows), iftop and netstat (Linux), Activity Monitor
(macOS).
● Metrics: Data sent/received, packet loss, latency, bandwidth utilization.
5.Application Performance
● Monitoring: Analyzes the performance of individual applications and services.
● Tools: Process Explorer (Windows), ps and strace (Linux), Activity Monitor
(macOS).
● Metrics: Application-specific resource usage, response times, error rates.
Tools for Performance Monitoring
Windows
● Task Manager: Provides an overview of system performance, including CPU,
memory, disk, and network usage.
● Performance Monitor (PerfMon): Offers detailed performance data collection
and analysis, allowing for custom performance counters, data logging, and
alerts.
● Resource Monitor: Displays real-time information about CPU, memory, disk,
Linux
● top/htop: Real-time system monitoring tools that display process-specific
resource usage.
● vmstat:
Operating System Reports information about processes,
2. memory, paging, block I/O
Silberschatz, Galvin and Gagne
 A task scheduler in an operatingTask scheduler
system is responsible for determining which
processes run at any given time, managing the execution of multiple processes
efficiently, and ensuring optimal use of the CPU. Task scheduling is crucial for
maintaining system responsiveness and performance.
Key Concepts in Task Scheduling
1. Process States
○ Running: The process is currently being executed by the CPU.
○ Waiting/Blocked: The process is waiting for an event (e.g., I/O operation)
to complete.
○ Ready: The process is ready to run but is waiting for CPU time.
○ Terminated: The process has completed execution.
2. Scheduling Algorithms
○ First-Come, First-Served (FCFS): Processes are scheduled in the order
they arrive in the ready queue.
○ Shortest Job Next (SJN): The process with the shortest expected
processing time is selected next.
○ Priority Scheduling: Each process is assigned a priority, and the process
with the highest priority is scheduled next.
○ Round Robin (RR): Each process is assigned a fixed time slice (quantum)
and is cycled through the ready queue.
Operating System 2. Silberschatz, Galvin and Gagne
Operating System 2. Silberschatz, Galvin and Gagne
End of Chapter 2
 System Boot

● Operating system must be made available to hardware so

hardware can start it
● Small piece of code – bootstrap loader, locates the
kernel, loads it into memory, and starts it
● Sometimes two-step process where boot block at
fixed location loads bootstrap loader
● When power initialized on system, execution starts at a
fixed memory location
4 Firmware used to hold initial boot code

Operating System 2. Silberschatz, Galvin and Gagne

 Operating System Design and
Implementation (Cont.)

● Important principle to separate

Policy: What will be done?
Mechanism: How to do it?
● Mechanisms determine how to do something, policies
decide what will be done
● The separation of policy from mechanism is a very
important principle, it allows maximum flexibility if
policy decisions are to be changed later

Operating System 2. Silberschatz, Galvin and Gagne

 Simple Structure
● MS-DOS – written to provide the most functionality in the
least space
● Not divided into modules

Operating System 2. Silberschatz, Galvin and Gagne

 ● MSDOS operating systems started as small, simple, and
limited systems and then grew beyond their original scope
● In MS-DOS, the interfaces and levels of functionality are
not well separated.
● For instance, application programs are able to access the
basic I/O routines to write directly to the display and disk
drives
● Such freedom leaves MS-DOS vulnerable to errant (or
malicious) programs, causing entire system crashes when
user programs fail.
● MS-DOS was also limited by the hardware of its era.
Because the Intel 8088 for which it was written provides no
dual mode and no hardware protection, the designers of
MS-DOS had no choice but to leave the base hardware
accessible.

Operating System 2. Silberschatz, Galvin and Gagne

 MonoLithic Kernal (UNIX)
● UNIX – limited by hardware functionality, The UNIX OS consists of two
separable parts
● Systems programs
● The kernel
4 Consists of everything below the system-call interface and
above the physical hardware
4 Provides the file system, CPU scheduling, memory
management, and other operating-system functions; a large
number of functions for one level

Operating System 2. Silberschatz, Galvin and Gagne

 ● monolithic kernel includes all of its services in the kernel
proper.
● This reduces the amount of context switches and
messaging involved, making the concept faster than a
Microkernel.
● Functionality of the OS is invoked with simple function calls
within the kernel, which is one large program.
● Device drivers are loaded into the running kernel and
become part of the kernel.
● Since there is less software involved it is faster.
● It is more secure
● On the downside, the amount of code running in kernel
space makes the kernel more prone to fatal bugs.
● monolithic structure was difficult to implement and
maintain.

Operating System 2. Silberschatz, Galvin and Gagne

 Layered Approach
● The operating system is divided into a number of layers
(levels), each built on top of lower layers. The bottom
layer (layer 0), is the hardware; the highest (layer N) is the
user interface.
● With modularity, layers are selected such that each uses
functions (operations) and services of only lower-level
layers

Operating System 2. Silberschatz, Galvin and Gagne

 ● A typical operating-system layer—say, layer M—consists of
data structures and a set of routines that can be invoked by
higher-level layers. Layer M, in turn, can invoke operations on
lower-level layers.
● The main advantage of the layered approach is simplicity of
construction and debugging
● The first layer can be debugged without any concern for the
rest of the system, Once the first layer is debugged, its correct
functioning can be assumed while the second layer is
debugged, and so on. If an error is found during the
debugging of a particular layer, the error must be on that
layer, because the layers below it are already debugged.
● Each layer is implemented with only those operations
provided by lower level layers. A layer does not need to know
how these operations are implemented; it needs to know only
what these operations do.
● The major difficulty with the layered approach involves
appropriately defining the various layers. Because a layer can
use only lower-level layers, 2.careful planning is necessary
Operating System Silberschatz, Galvin and Gagne
 ● problem with layered implementations is that they tend to be
less efficient than other types
For instance, when a user program executes an I/O operation, it
executes a system call that is trapped to the I/O layer, which
calls the memory-management layer, which in turn calls the
CPU-scheduling layer, which is then passed to the hardware. At
each layer, the parameters may be modified, data may need to
be passed, and so on. Each layer adds overhead to the system
call; the net result is a system call that takes longer than does
one on a nonlayered system.

Operating System 2. Silberschatz, Galvin and Gagne

 Microkernel System Structure
● Monolithic Kernel is large & difficult to manage so Moves as much
nonessential components from the kernel into “user” space.This
result smaller kernel
● microkernels provide minimal process and memory management,
in addition to a communication facility
● The main function of the microkernel is to provide a
communication facility between the client program and the
various services that are also running in user
space.Communication takes place between user modules using
message passing
● For example, if the client program wishes to access a file, it must
interact with the file server. The client program and service never
interact directly. Rather, they communicate indirectly by
exchanging messages with the microkernel
● Benefits:
● Easier to extend a microkernel as All new services are added
to user space and consequently do not require modification of
the kernel.
● Easier to port the operating system to new architectures
● More reliable (less code is running in kernel mode)
● More secure
● Detriments:
Operating System● Performance overhead of user 2. space to kernel space
Silberschatz, Galvin and Gagne
Operating System 2. Silberschatz, Galvin and Gagne
 Monolithic Microkernel

Older Older than microkernel Introduced in 1980

Speed Faster Slower

Size Bulky Small

Device driver reside In kernel Space In user space

Security Less secure More secure

Interprocess use signals and Use Message Passing
Communication sockets

Adding New Feature difficult to add needs Easier to add

recompliation

Example Unix, Linux Mach ,QNX

Operating System 2. Silberschatz, Galvin and Gagne