Reorganizing UNIX for Reliability

  • Jorrit N. Herder
  • Herbert Bos
  • Ben Gras
  • Philip Homburg
  • Andrew S. Tanenbaum
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4186)


In this paper, we discuss the architecture of a modular UNIX-compatible operating system, MINIX3, that provides reliability beyond that of most other systems. With nearly the entire operating system running as a set of user-mode servers and drivers atop a minimal kernel, the system is fully compartmentalized.

By moving most of the code to unprivileged user-mode processes and restricting the powers of each one, we gain proper fault isolation and limit the damage bugs can do. Moreover, the system has been designed to survive and automatically recover from failures in critical modules, such as device drivers, transparent to applications and without user intervention.

We used this new design to develop a highly reliable, open-source, POSIX-conformant member of the UNIX family. The resulting system is freely available and has been downloaded over 75,000 times since its release.


Virtual Machine Process Manager Memory Manager Device Driver File Server 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Härtig, H., Baumgartl, R., Borriss, M., Hamann, C.J., Hohmuth, M., Mehnert, F., Reuther, L., Schonberg, S., Wolter, J.: DROPS–OS Support for Distributed Multi- media Applications. In: Proc. 8th ACM SIGOPS Eur. Workshop, pp. 203–209 (1998)Google Scholar
  2. 2.
    LeVasseur, J., Uhlig, V., Stoess, J., Gotz, S.: Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines. In: Proc. 6th Symp. on Operating Systems Design and Implementation, pp. 17–30 (2004)Google Scholar
  3. 3.
    Leslie, B., Chubb, P., Fitzroy-Dale, N., Gotz, S., Gray, C., Macpherson, L., Daniel Potts, Y.T.S., Elphinstone, K., Heiser, G.: User-Level Device Drivers: Achieved Performance. Journal of Computer Science and Technology 20(5) (2005)Google Scholar
  4. 4.
    Hunt, G.C., Larus, J.R., Abadi, M., Aiken, M., Barham, P., Fahndrich, M., Hawblitzel, C., Hodson, O., Levi, S., Murphy, N., Steensgaard, B., Tarditi, D., Wobber, T., Zill, B.: An Overview of the Singularity Project. Technical Report MSR-TR-2005-135, Microsoft Research (2005)Google Scholar
  5. 5.
    Basili, V., Perricone, B.: Software Errors and Complexity: An Empirical Investigation. Comm. of the ACM, 42–52 (1984)Google Scholar
  6. 6.
    Ostrand, T.J., Weyuker, E.J.: The Distribution of Faults in a Large Industrial Software System. In: Proc. of the 2002 ACM SIGSOFT Int’l. Symp. on Software Testing and Analysis, pp. 55–64. ACM, New York (2002)Google Scholar
  7. 7.
    Chou, A., Yang, J., Chelf, B., Hallem, S., Engler, D.: An Empirical Study of Operating System Errors. In: Proc. 18th ACM Symp. on Operating System Principles, pp. 73–88 (2001)Google Scholar
  8. 8.
    Swift, M., Bershad, B., Levy, H.: Improving the Reliability of Commodity Operating Systems. ACM Trans. on Computer Systems 23(1), 77–110 (2005)CrossRefGoogle Scholar
  9. 9.
    Swift, M., Annamalai, M., Bershad, B., Levy, H.: Recovering Device Drivers. In: Proc. 6th Symp. on Operating Systems Design and Implementation, pp. 1–15 (2004)Google Scholar
  10. 10.
    Saltzer, J., Schroeder, M.: The Protection of Information in Computer Systems. Proceedings of the IEEE 63(9) (1975)Google Scholar
  11. 11.
    Härtig, H., Hohmuth, M., Liedtke, J., Schönberg, S., Wolter, J.: The Performance of -Kernel-Based Systems. In: Proc. 6th Symp. on Operating Systems Design and Implementation, pp. 66–77 (1997)Google Scholar
  12. 12.
    Pfitzmann, B., Stüble, C.: Perseus: A Quick Open-source Path to Secure Signatures. In: 2nd Workshop on Microkernel-based Systems (2001)Google Scholar
  13. 13.
    Hildebrand, D.: An Architectural Overview of QNX. In: Proc. USENIX Workshop in Microkernels and Other Kernel Architectures, pp. 113–126 (1992)Google Scholar
  14. 14.
    Gefflaut, A., Jaeger, T., Park, Y., Liedtke, J., Elphinstone, K., Uhlig, V., Tidswell, J., Deller, L., Reuther, L.: The SawMill Multiserver Approach. In: ACM SIGOPS European Workshop, pp. 109–114 (2000)Google Scholar
  15. 15.
    Herder, J.N., Bos, H., Gras, B., Homburg, P., Tanenbaum, A.S.: MINIX 3: A Highly Reliable, Self-Repairing Operating System. ACM SIGOPS Operating System Review 40(3) (2006)Google Scholar
  16. 16.
    Tanenbaum, A.S., Herder, J.N., Bos, H.: Can We Make Operating Systems Reliable and Secure? IEEE Computer 39(5), 44–51 (2006)Google Scholar
  17. 17.
    Herder, J.N., Bos, H., Tanenbaum, A.S.: A Lightweight Method for Building Reliable Operating Systems Despite Unreliable Device Drivers. Technical Report IR-CS-018, Vrije Universiteit (2006),

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jorrit N. Herder
    • 1
  • Herbert Bos
    • 1
  • Ben Gras
    • 1
  • Philip Homburg
    • 1
  • Andrew S. Tanenbaum
    • 1
  1. 1.Computer Science Dept.Vrije Universiteit AmsterdamAmsterdamThe Netherlands

Personalised recommendations