Open Kernel Labs Blog

November 22, 2007

What is a Microkernel

When you are as immersed in this technology as many of us are, you can forget to explain the basics. At tradeshows I am frequently asked: “What is a Microkernel?”

Well, let me begin by describing what a kernel is. A kernel is the software component of an operating system that runs in the privileged mode of a microprocessor. Since it runs in this privileged mode, it has unrestricted access to every resource in the system. Whatever runs in privileged mode, which is how the kernel is defined, is basically a super being. It is lord of your computer system: it can do whatever it wants. It forms a necessary part of what we call the trusted computing base (TCB). The TCB is the part of the system that must be trusted because it can circumvent security policies.

Since the kernel runs in privileged mode, it is therefore true that a correctly functioning kernel is a prerequisite for the correct functionality of any other software unit in the system. This is why the kernel, running in privileged mode, is so critical to system security. It follows naturally that we should minimize what goes into the kernel. That is our philosophy at OK. We try to minimize what runs in the privileged mode of the microprocessor.

Our operating system is called a microkernel because it only contains a minimal set of abstractions. With these abstractions you can construct arbitrary operating system personalities and policies.

The distinction is that traditional operating systems, such as Windows and Linux and so forth, run on a monolithic kernel. This means that the kernel is a complicated piece of software that runs a whole range of services like file systems, device drivers, vertical stacks and more. Whereas with the microkernel philosophy, the microkernel contains only a very small set of abstractions, like address spaces and inter-process communication. Then, outside of the microkernel, you can take advantage of the mechanisms it provides to construct your traditional OS services. You do so outside of the kernel, outside of the privileged mode, in what's called user mode. Therefore, you reduce the trusted computing base, the foundation that the system's security rests on.
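A toy model of this split, added here as an illustration and not Open Kernel Labs code: the `k_*` functions stand for the privileged kernel, and the file service and a faulty driver run as ordinary tasks on top of it. It assumes the kernel's mechanisms are per-task address spaces and message-passing IPC; every name in it is hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Toy model; every name here is hypothetical. The k_* functions stand for the
   privileged kernel, which offers only two mechanisms. */
#define NTASKS 3
#define SPACE  64                      /* private bytes per task */
#define MSGLEN 16
enum { CLIENT, FILE_SERVER, DRIVER };

static char memory[NTASKS][SPACE];     /* one address space per task */
static char mailbox[NTASKS][MSGLEN];   /* one pending message per task */

/* Mechanism 1: a task may write only inside its own address space.
   The last byte of each space is reserved so it always stays NUL. */
int k_store(int caller, int target, int off, const char *src, int len) {
    if (target < 0 || target >= NTASKS || caller != target) return -1;
    if (off < 0 || len < 0 || off > SPACE - 1 - len) return -1;
    memcpy(&memory[target][off], src, (size_t)len);
    return 0;
}

/* Mechanism 2: IPC copies a bounded message; memory is never shared. */
int k_send(int to, const char *msg) {
    size_t n = strlen(msg);
    if (to < 0 || to >= NTASKS) return -1;
    if (n > MSGLEN - 1) n = MSGLEN - 1;
    memcpy(mailbox[to], msg, n);
    mailbox[to][n] = '\0';
    return 0;
}

/* User-mode file service: the policy lives here, outside the kernel. */
int file_server_step(void) {
    if (strcmp(mailbox[FILE_SERVER], "read") != 0) return -1;
    return k_send(CLIENT, memory[FILE_SERVER]);   /* reply with the file data */
}

/* A faulty user-mode driver that tries to overwrite the file server's data. */
int buggy_driver_step(void) {
    return k_store(DRIVER, FILE_SERVER, 0, "garbage", 8);
}

int main(void) {
    k_store(FILE_SERVER, FILE_SERVER, 0, "hello", 6);   /* constructed file */
    k_send(FILE_SERVER, "read");
    printf("driver write -> %d\n", buggy_driver_step());
    printf("server step  -> %d, client got \"%s\"\n",
           file_server_step(), mailbox[CLIENT]);
    return 0;
}
```

The driver's write is refused by the one small check in `k_store`, so the file data reaches the client intact; in a monolithic design the same driver code would run inside the privileged part and nothing would stand between it and the file system's memory.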

You get the functionality of a large monolithic kernel with the safety and security of a microkernel.

Posted by Abi Nourai on November 22 at 07:03 PM


About Abi Nourai:

Abi Nourai - Sales Director has recently relocated from Sydney to OK's Paris office, and even more recently, made another move to London. The journey was a little easier this time round. Abi is excited about using the OKL4 technology he helped develop as an undergraduate to solve business problems for the mobile and embedded spaces. Abi gets away from it all by indulging in fine cuisine, roaming through museums, and hopping around Europe's many great cities.
